Full title: MikroTik RouterOS Denial Of Service / Memory Corruption Vulnerability 
Category: web applications
Platform: hardware
MikroTik RouterOS suffers from two vulnerabilities. The cerm process suffers from an uncontrolled resource consumption issue. By sending a crafted packet, an authenticated remote user can cause a high cpu load, which may make the device respond slowly or unable to respond. Versions until stable 6.45.7 are affected. The traceroute process suffers from a memory corruption issue. By sending a crafted packet, an authenticated remote user can crash the traceroute process due to invalid memory access. Versions until stable 6.46.4 are affected.

# 0day.today @ http://0day.today/