CVE-2018-1158

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash…

tenable·CWE-674·Published 2018-08-23

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

183 chars

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.

NVDen

183 chars

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.

NVDes

246 chars

Mikrotik RouterOS en versiones anteriores a la 6.42.7 y 6.40.9 es vulnerable a una vulnerabilidad de agotamiento de pila. Un atacante remoto autenticado puede provocar el cierre inesperado del servidor HTTP mediante el análisis recursivo de JSON.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:N/I:N/A:P
3.0	Primary	NVD	6.5	2.8	3.6	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H