CVE-2019-13074
HIGHMikroTik RouterOS < 6.44.3 - Denial of Service via FTP Daemon Memory Exhaustion
Title source: llmDescription
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://forum.mikrotik.com/viewtopic.php?t=150045
Release Notes, Vendor Advisory x_refsource_confirm
https://mikrotik.com/download/changelogs/stable-release-tree
Scores
CVSS v3
7.5
EPSS
0.0205
EPSS Percentile
78.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-770
Status
published
Products (1)
mikrotik/routeros
< 6.44.3
Published
Jul 03, 2019
Tracked Since
Feb 18, 2026