Main Vulnerability Database Exploits ID:4599 - Exploit for Improper Validation of Array Index in MikroTik RouterOS - CVE-2020-11881

ID:4599 - Exploit for Improper Validation of Array Index in MikroTik RouterOS - CVE-2020-11881

Published: September 16, 2020

Vulnerability identifier: #VU46736

Vulnerability risk: Medium

CVE-ID: CVE-2020-11881

CWE-ID: CWE-129

Exploitation vector: Remote access

Vulnerable software:
MikroTik RouterOS

Link to public exploit:

https://github.com/botlabsDev/CVE-2020-11881

Vulnerability description

The vulnerability allows a remote attacker to perform denial of service attack.

The vulnerability exists due to improper validation of array index when processing setup-requests in a built-in SMB server. A remote non-authenticated attacker can send specially crafted setup-request packets and crash the SMB server.

Remediation

Install updates from vendor's website.

ID:4599 - Exploit for Improper Validation of Array Index in MikroTik RouterOS - CVE-2020-11881

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human