CVE-2023-30800 PoC — MikroTik RouterOS 缓冲区错误漏洞

Source

Associated Vulnerability

Title:MikroTik RouterOS 缓冲区错误漏洞 (CVE-2023-30800)
Description:MikroTik RouterOS是拉脱维亚MikroTik公司的一套基于Linux开发的路由器操作系统。该系统可部署在PC中，使其提供路由器功能。 MikroTik RouterOS 6.49.1之前版本存在安全漏洞，该漏洞源于存在堆内存损坏问题，未经身份验证的远程攻击者可以通过发送精心设计的HTTP请求来破坏服务器的堆内存。

Description

CVE-2023-30800

Readme

# MikroTik JSProxy Denial of Service (CVE-2023-30800)

This script exploits a denial of service vulnerability (CVE-2023-30800) affecting older versions of MikroTik RouterOS. When executed, it will cause the targeted router to stop responding.

## Affected Versions

This vulnerability is present in older versions of MikroTik RouterOS. Ensure that you are aware of the version you are testing against.

## How to Use

To run the script, follow these steps:

1. Make sure you have Python installed on your machine.
2. Run the script with the following command:

   ```bash
   python CVE-2023-30800.py

File Snapshot


 [4.0K]  /data/pocs/bfded36e3c0538e6505bbe85b11e3027f05dc5d6
├── [2.0K]  CVE-2023-30800.py
├── [1.0K]  LICENSE
└── [ 617]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!