Thursday, March 28, 2019

Unpatched vulnerability in MikroTik routers enable easily exploitable DoS attack

A critical vulnerability in MikroTik’s RouterOS handling of IPv6 packets allows for “remote, unauthenticated denial of service,” according to security researcher Marek Isalski. According to a post on MikroTik’s user forum, the new vulnerability is “a memory exhaustion issue. You send a v6 packet formed in a certain way to a Mikrotik router and the kernel leaks a bit of memory. When memory runs out the router crashes, I assume until the watchdog reboots it. There is no way to firewall as whatever this characteristic is that causes the problem can be set with any v6 packet.”



No comments:

Post a Comment