CVE-2017-20149 - The Mikrotik RouterOS web server can be vulnerable to memory corruption, aka Chimay-Red, if a remote and unauthenticated user sends a crafted HTTP request.

In addition, this vulnerability can be exploited by attackers using social engineering techniques, such as sending an email with an attachment or posting a malicious link on a social media site. There is no workaround for this vulnerability. However, the risk of exploitation can be reduced by following best practices such as limiting remote access to the device, updating the device’s firmware, and avoiding installing unneeded applications.

VENDOR UPDATE - Mikrotik released a patch in June 2018 which addresses the Chimay-Red vulnerability.

CVE-2018-10877 - A remote code execution vulnerability exists in the “Convert IPv6 to IPv4” feature of Mikrotik devices when an attacker sends a malicious request to an affected device. An attacker can send a request to an affected device that causes the device to return a specially crafted IPv6 packet over the IPv4 network. Such a response would cause most web servers and other applications that rely on the IPv4 protocol to crash and fail to process the request.

CVE-2018-10878 - A remote code execution vulnerability exists in the “Convert IPv6 to IPv4” feature of Mikrotik devices when an attacker sends a malicious request to an affected device. An attacker can send a request to an affected device that causes the device to return a specially crafted IPv6 packet over the IPv4 network. Such a response would cause most web servers and other applications that rely on the IPv4 protocol to crash and

Mitigation strategies for Mikrotik Cloud Platform

- Limit access to the device.
- Update firmware.
- Avoid installing unnecessary applications.

Timeline

Published on: 10/15/2022 02:15:00 UTC
Last modified on: 10/20/2022 13:32:00 UTC
