CVE-2018-7445

Name of the Vulnerable Software and Affected Versions MikroTik RouterOS versions prior to 6.41.3/6.42rc27

Description The issue is caused by a buffer overflow in the SMB service of MikroTik RouterOS, allowing remote attackers to execute arbitrary code on the system. This can be exploited before authentication takes place, making it possible for unauthenticated remote attackers to gain code execution.

Recommendations For versions prior to 6.41.3/6.42rc27, update to version 6.41.3 or 6.42rc27, or later, to resolve the issue. As a temporary workaround, consider restricting access to the SMB service until a patch is applied.