PT-2023-4988 · Mikrotik · Routeros+1

Jacob Baines · Published 2023-04-18 · Updated 2025-11-21 · CVE-2023-30800

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

MikroTik RouterOS versions prior to 6.49.10

Description

The web server used by MikroTik RouterOS is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted.

Recommendations

For versions prior to 6.49.10, update to RouterOS 6.49.10 stable or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2023-05527
CVE-2023-30800

Affected Products

Mikrotik Routeros
Routeros