PT-2017-14847 · Mikrotik · Routerboard
Published
2017-12-13
·
Updated
2018-01-12
·
CVE-2017-17537
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
MikroTik RouterBOARD versions 6.39.2 through 6.40.5
Description
The issue allows an unauthenticated remote attacker to cause a denial of service. This can be achieved by connecting to TCP port 53 and sending data that begins with many '0' characters, which is possibly related to DNS.
Recommendations
For versions 6.39.2 through 6.40.5, consider restricting access to TCP port 53 as a temporary workaround to minimize the risk of exploitation.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Routerboard