griffinsectio

2 exploits Active since Sep 2023
CVE-2023-30800 NOMISEC HIGH WORKING POC
MikroTik RouterOS 6.0-6.49.9 - Unauthenticated Denial of Service via HTTP Request
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.
CVSS 7.5
CVE-2023-30800 NOMISEC HIGH WORKING POC
MikroTik RouterOS 6.0-6.49.9 - Unauthenticated Denial of Service via HTTP Request
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.
CVSS 7.5