Denial of Service Vulnerability in MikroTik Router hAP Lite 6.25

Denial of Service Vulnerability in MikroTik Router hAP Lite 6.25

CVE-2017-6444 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation.

Learn more about our Network Penetration Testing.