Memory Exhaustion Vulnerability in Mikrotik RouterOS

Memory Exhaustion Vulnerability in Mikrotik RouterOS

CVE-2019-13954 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:C

Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected.

Learn more about our Cis Benchmark Audit For Server Software.