Vulnerability Description
The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mikrotik | Routeros | < 6.37.5 |
Related Weaknesses (CWE)
References
- https://github.com/BigNerd95/Chimay-RedExploitThird Party Advisory
- https://www.bleepingcomputer.com/news/security/hajime-botnet-makes-a-comeback-wiExploitThird Party Advisory
- https://github.com/BigNerd95/Chimay-RedExploitThird Party Advisory
- https://www.bleepingcomputer.com/news/security/hajime-botnet-makes-a-comeback-wiExploitThird Party Advisory
FAQ
What is CVE-2017-20149?
CVE-2017-20149 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by send...
How severe is CVE-2017-20149?
CVE-2017-20149 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-20149?
Check the references section above for vendor advisories and patch information. Affected products include: Mikrotik Routeros.