Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MikroTik RouterOS 缓冲区错误漏洞
Vulnerability Description
MikroTik RouterOS是拉脱维亚MikroTik公司的一套基于Linux开发的路由器操作系统。该系统可部署在PC中,使其提供路由器功能。 MikroTik RouterOS 存在缓冲区错误漏洞,该漏洞源于SCEP服务器中存在基于堆的缓冲区溢出。攻击者控制SCEP服务器获得有效证书利用该漏洞进行远程代码执行。以下产品受到影响:mikrotik-vm-6.46、mikrotik-vm-6.46.8、mikrotik-tile-6.46.8、mikrotik-6.47.9 和 mikrotik-6.
CVSS Information
N/A
Vulnerability Type
N/A