Stack Exhaustion Vulnerability in Mikrotik RouterOS
CVE-2019-13955 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:N/A:P
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.
Learn more about our Cis Benchmark Audit For Server Software.