PT-2022-10526 · Mikrotik · Routeros+1
Cq674350529
+1
·
Published
2022-05-11
·
Updated
2022-10-18
·
CVE-2021-36613
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Mikrotik RouterOs versions prior to 6.48.2
Description
The issue is a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Recommendations
For versions prior to 6.48.2, update to stable version 6.48.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the ptp process to minimize the risk of exploitation.
Exploit
Fix
DoS
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mikrotik Routeros
Routeros