CVE-2020-10364
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
Affected (1)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 6.44.3 |
| Running on/with | Platform Versions |
|---|---|
Mikrotik Ccr1009 7g 1c 1s+ | All versions |
Mikrotik Ccr1009 7g 1c 1s+pc | All versions |
Mikrotik Ccr1009 7g 1c Pc | All versions |
Mikrotik Ccr1016 12g | All versions |
Mikrotik Ccr1016 12s 1s+ | All versions |
Mikrotik Ccr1036 12g 4s | All versions |
Mikrotik Ccr1036 12g 4s Em | All versions |
Mikrotik Ccr1036 8g 2s+ | All versions |
Mikrotik Ccr1036 8g 2s+em | All versions |
Mikrotik Ccr1072 1g 8s+ | All versions |
Mikrotik Hex | All versions |
Mikrotik Hex Lite | All versions |
Mikrotik Hex Poe | All versions |
Mikrotik Hex Poe Lite | All versions |
Mikrotik Hex S | All versions |
Mikrotik Powerbox | All versions |
Mikrotik Powerbox Pro | All versions |
Mikrotik Rb1100ahx4 | All versions |
Mikrotik Rb2011il In | All versions |
Mikrotik Rb2011il Rm | All versions |
Mikrotik Rb2011ils In | All versions |
Mikrotik Rb2011uias In | All versions |
Mikrotik Rb2011uias Rm | All versions |
Mikrotik Rb3011uias Rm | All versions |
Mikrotik Rb4011igs+rm | All versions |
References (4)
Source: cve@mitre.org
ExploitMitigationThird Party AdvisoryVDB Entry
Source: cve@mitre.org
ExploitMitigationThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMitigationThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMitigationThird Party AdvisoryVDB Entry
Timeline
No history available yet.