CVE-2018-7445
MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability
CVSS
—
Sin CVSS
EPSS
61.0%
p99
KEV
SÍ
8 sept 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
MikroTik / RouterOS
Vulnerabilidad
MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability
Añadido a KEV
8 sept 2022
Remediar antes de
29 sept 2022
Uso conocido en ransomware
No
Descripción resumida
In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.
Acción requerida
Apply updates per vendor instructions.
Notas
https://www.coresecurity.com/core-labs/advisories/mikrotik-routeros-smb-buffer-overflow#vendor_update, https://mikrotik.com/download; https://nvd.nist.gov/vuln/detail/CVE-2018-7445