MikroTik has disclosed a vulnerability in its routers that could allow hackers to carry out remote attacks, specifically denial-of-service attacks, against devices running RouterOS.
The first issue caused the device to restart. The reboot was triggered by the watchdog timer because the device was overloaded and stopped responding.
The company has released security updates for RouterOS that address the vulnerability, tracked as CVE-2018-19299. However, some experts argue that some devices remain vulnerable.
CVE-2018-19299 affects MikroTik devices that handle IPv6 packets and have not received the security updates. A hacker can exploit the vulnerability to cause problems with RAM.
“After troubleshooting the first issue, there was another issue with RAM, as the size of the IPv6 cache was larger than the available RAM. And this issue was corrected by introducing IPv6 automatic calculation based on available memory,” the company said.
MikroTik has addressed the issues in RouterOS v6.44.2, RouterOS v6.45beta23 and RouterOS v6.43.14.
However, according to experts, the fixes do not work on all devices, only on those that have more than 64MB of RAM.
The vulnerability has been known since April 2018, and the company itself was aware of it but did not consider it a security vulnerability. However, data revealing the existence of the vulnerability and its exploitation by hackers.
CVE-2018-19299 affects virtually all MikroTik devices. According to Bleeping Computer, MikroTik has released more than 20 versions of RouterOS since it learned about the vulnerability. This was because, first, it did not understand that it was a security issue and, second, because it is at the kernel level, so it is not easy to fix.