The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.
References
Link | Resource |
---|---|
https://vulncheck.com/advisories/mikrotik-jsproxy-dos | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulnCheck
Published: 2023-09-07T15:43:54.429Z
Updated: 2023-09-07T15:43:54.429Z
Reserved: 2023-04-18T10:31:45.962Z
Link: CVE-2023-30800
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-07T16:15:07.670
Modified: 2023-09-12T14:18:05.673
Link: CVE-2023-30800
JSON object: View
Redhat Information
No data.
CWE