Denial of Service Vulnerability in MikroTik Version 6.41.4

Denial of Service Vulnerability in MikroTik Version 6.41.4

CVE-2018-10070 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message.

Learn more about our Web Application Penetration Testing UK.