← back
CVE-2018-7445

CVE-2018-7445

CVSS 9.8 CRITICALEPSS 61.0%● KEVCWE-119
In short

A buffer overflow flaw in MikroTik RouterOS's SMB service allows unauthenticated attackers to send specially crafted network messages and execute arbitrary code on the router without needing a password.

Technical detail

Remote, unauthenticated buffer overflow in SMB NetBIOS session request handling (CWE-119) occurs prior to authentication validation, enabling arbitrary code execution via malformed messages. Affects all RouterOS architectures before 6.41.3/6.42rc27.

Summary generated and translated by AI from the official description.
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44290/unverifiedexploitdbwww.exploit-db.com/exploits/44290unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2018/Mar/38https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7445https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflowhttps://www.exploit-db.com/exploits/44290/http://www.securityfocus.com/bid/103427