MikroTik RouterOS < 6.40.9 / 6.42.7 / 6.43 multiple vulnerabilities.

High Nessus Plugin ID 112114

Synopsis

The remote networking device is affected by multiple vulnerabilities.

Description

According to its self-reported version, the remote networking device is running a version of MikroTik prior to 6.40.9, 6.41.x < 6.42.7, or 6.43. It, therefore, vulnerable to multiple vulnerabilities.

Solution

Upgrade to MikroTik RouterOS 6.40.9 / 6.42.7 / 6.43 or later.

See Also

http://www.nessus.org/u?237622b9

http://www.nessus.org/u?f9e2af40

http://www.nessus.org/u?c37b423c

Plugin Details

Severity: High

ID: 112114

File Name: mikrotik_aug_2018.nasl

Version: 1.2

Type: remote

Family: Misc.

Published: 2018/08/24

Modified: 2018/09/17

Dependencies: 30212

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2018-1156

CVSS v2.0

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/o:mikrotik:routeros

Required KB Items: MikroTik/RouterOS/Version

Patch Publication Date: 2018/08/20

Vulnerability Publication Date: 2018/08/22

Reference Information

CVE: CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159