The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://vulncheck.com/advisories/mikrotik-jsproxy-dos |
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulnCheck
Published: 2023-09-07T15:43:54.429Z
Updated: 2024-08-02T14:37:15.351Z
Reserved: 2023-04-18T10:31:45.962Z
Link: CVE-2023-30800
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-07T16:15:07.670
Modified: 2023-09-12T14:18:05.673
Link: CVE-2023-30800
Redhat
No data.