CVE-2023-30800 - OpenCVE

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mikrotik	Routeros

Configuration 1 [-]

cpe:2.3:o:mikrotik:routeros:*:*:*:*:-:*:*:*

No data.

References

Link	Providers
https://vulncheck.com/advisories/mikrotik-jsproxy-dos

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2023-09-07T15:43:54.429Z

Updated: 2024-08-02T14:37:15.351Z

Reserved: 2023-04-18T10:31:45.962Z

Link: CVE-2023-30800

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-09-07T16:15:07.670

Modified: 2023-09-12T14:18:05.673

Link: CVE-2023-30800

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-30800", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2023-04-18T10:31:45.962Z", "datePublished": "2023-09-07T15:43:54.429Z", "dateUpdated": "2024-08-02T14:37:15.351Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "platforms": ["x86", "ARM", "PPC", "MIPSBE"], "product": "RouterOS", "vendor": "MikroTik", "versions": [{"status": "unaffected", "version": "6.49.10"}, {"status": "affected", "version": "6.49.9"}, {"status": "affected", "version": "6.48.8"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jacob Baines"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.<br>"}], "value": "The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.\n"}], "impacts": [{"capecId": "CAPEC-123", "descriptions": [{"lang": "en", "value": "CAPEC-123 Buffer Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2023-09-07T15:43:54.429Z"}, "references": [{"url": "https://vulncheck.com/advisories/mikrotik-jsproxy-dos"}], "source": {"discovery": "UNKNOWN"}, "title": "MikroTik RouterOS Web Interface Heap Corruption", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:37:15.351Z"}, "title": "CVE Program Container", "references": [{"url": "https://vulncheck.com/advisories/mikrotik-jsproxy-dos", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mikrotik:routeros:*:*:*:*:-:*:*:*", "matchCriteriaId": "3C171D42-9A4F-43E0-BF7C-13A7FEC2F049", "versionEndExcluding": "6.49.10", "versionStartIncluding": "6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.\n"}, {"lang": "es", "value": "El servidor web utilizado por MikroTik RouterOS versi\u00f3n 6 se ve afectado por un problema de corrupci\u00f3n de memoria. Un atacante remoto y no autenticado puede da\u00f1ar la memoria de almacenamiento din\u00e1mico del servidor mediante el env\u00edo de una solicitud HTTP manipulada. Como resultado, la interfaz web se bloquea y se reinicia inmediatamente. El problema se solucion\u00f3 en RouterOS 6.49.10 stable. RouterOS versi\u00f3n 7 no se ve afectado."}], "id": "CVE-2023-30800", "lastModified": "2023-09-12T14:18:05.673", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2023-09-07T16:15:07.670", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://vulncheck.com/advisories/mikrotik-jsproxy-dos"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}