SB2018082501 - Multiple vulnerabilities in Mikrotik RouterOS

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Stack-based buffer overflow (CVE-ID: CVE-2018-1156)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the license upgrade interface. A remote authenticated attacker can send a specially crafted request to the affected device, trigger stack-based buffer overflow and execute arbitrary code on the system.

2) Denial of service (CVE-ID: CVE-2018-1157)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when processing requests within the HTTP server. A remote authenticated attacker can send specially crafted requests to the affected device and crash the HTTP server or reload the router.

3) Denial of service (CVE-ID: CVE-2018-1158)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when parsing recursive JSON requests within the HTTP server. A remote authenticated attacker can send specially crafted requets to the affected device and crash the HTTP server.

4) Memory corruption (CVE-ID: CVE-2018-1159)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the HTTP server. A remote authenticated attacker can crash the affected HTTP server by rapidly authenticating and disconnecting.

Remediation

Install update from vendor's website.

References

• https://mikrotik.com/download/changelogs