PT-2019-2662 · Mikrotik · Mikrotik+1

Publicado

2019-07-01

Atualizado

2020-08-24

CVE-2019-13074

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions MikroTik routers versions through 6.44.3

Description A vulnerability in the FTP daemon could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. The issue is related to uncontrolled memory allocation, which can be exploited by remote attackers to reboot the device.

Recommendations For versions through 6.44.3, consider disabling the FTP daemon as a temporary workaround until a patch is available. Restrict access to the FTP service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Allocation of Resources Without Limits

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-770CWE-789

Identificadores relacionados

BDU:2019-02548

CVE-2019-13074

Produtos afetados

Mikrotik

Mikrotik Routeros

PT-2019-2662 · Mikrotik · Mikrotik+1

CVE-2019-13074

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7