Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. Therefore, a remote attacker can trick the router into "upgrading" to an older version of RouterOS and possibly reseting all the system's usernames and passwords.
CVSS Information
N/A
Vulnerability Type
下载代码缺少完整性检查
Vulnerability Title
MikroTik RouterOS 安全漏洞
Vulnerability Description
MikroTik RouterOS是拉脱维亚MikroTik公司的一套基于Linux开发的路由器操作系统。该系统可部署在PC中,使其提供路由器功能。 MikroTik RouterOS 6.45.6 Stable及之前版本和6.44.5 Long-term及之前版本中存在安全漏洞,该漏洞源于程序没有充分验证更新包下载的来源。攻击者可利用该漏洞获取系统全部的用户名称和密码。
CVSS Information
N/A
Vulnerability Type
N/A