Security issues discovered by Tenable23rd Aug, 2018 | Security
MikroTik was contacted by Tenable Inc. who had discovered several issues in RouterOS web server. The issues only affect authenticated users, meaning, to exploit them, there must be a known username and password on the device. Your data, access to the system and configuration are not under risk. All the below issues only allow the authenticated user (even a read-only user) to cause the www service to crash. Tenable has assigned CVE numbers to these issues.
- CVE-2018-1156: An authenticated user can trigger a stack buffer overflow.
- CVE-2018-1157: File upload memory exhaustion. An authenticated user can cause the www binary to consume all memory.
- CVE-2018-1158: Recursive JSON parsing stack exhaustion, which could allow an authenticated user to cause crash of the www service.
- CVE-2018-1159: www memory corruption, if connections are initiated and not properly cleaned up then a heap corruption occurs in www.
All of the above issues are fixed in the following RouterOS releases: 6.42.7, 6.40.9, 6.43