CVE-2018-7445

A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
mikrotikrouteros
𝑥
< 6.41.3
mikrotikrouteros
6.42:rc11
mikrotikrouteros
6.42:rc12
mikrotikrouteros
6.42:rc14
mikrotikrouteros
6.42:rc15
mikrotikrouteros
6.42:rc18
mikrotikrouteros
6.42:rc2
mikrotikrouteros
6.42:rc20
mikrotikrouteros
6.42:rc23
mikrotikrouteros
6.42:rc24
mikrotikrouteros
6.42:rc5
mikrotikrouteros
6.42:rc6
mikrotikrouteros
6.42:rc9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2018/Mar/38
http://www.securityfocus.com/bid/103427
https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow
https://www.exploit-db.com/exploits/44290/
http://seclists.org/fulldisclosure/2018/Mar/38
http://www.securityfocus.com/bid/103427
https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow
https://www.exploit-db.com/exploits/44290/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7445