CVE-2018-7445 - MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability
Project:MikroTik
Product:RouterOS
Date Added:2022-09-08Due Date:2022-09-29
Vulnerability Name
MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability
Description
In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://www.coresecurity.com/core-labs/advisories/mikrotik-routeros-smb-buffer-overflow#vendor_update, https://mikrotik.com/download
https://nvd.nist.gov/vuln/detail/CVE-2018-7445