Sign-up

ID

VAR-202003-1284


CVE

CVE-2018-5951


TITLE

Mikrotik RouterOS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2018-016223

DESCRIPTION

An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack. Mikrotik RouterOS There is an unspecified vulnerability in.Service operation interruption (DoS) It may be put into a state. MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed in a PC so that it provides router functionality. A security vulnerability exists in Mikrotik RouterOS

Trust: 1.71

sources: NVD: CVE-2018-5951 // JVNDB: JVNDB-2018-016223 // VULHUB: VHN-135983

AFFECTED PRODUCTS

vendor:mikrotikmodel:routerosscope: - version: -

Trust: 1.4

vendor:mikrotikmodel:routerosscope:eqversion:*

Trust: 1.0

sources: JVNDB: JVNDB-2018-016223 // CNNVD: CNNVD-202003-036 // NVD: CVE-2018-5951

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-5951
value: HIGH

Trust: 1.0

NVD: JVNDB-2018-016223
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202003-036
value: HIGH

Trust: 0.6

VULHUB: VHN-135983
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-5951
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2018-016223
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-135983
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-5951
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2018-016223
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-135983 // JVNDB: JVNDB-2018-016223 // CNNVD: CNNVD-202003-036 // NVD: CVE-2018-5951

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2018-5951

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202003-036

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202003-036

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-016223

PATCH
title:Top Pageurl:https://mikrotik.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-016223

EXTERNAL IDS
db:NVDid:CVE-2018-5951
Trust: 2.5
db:JVNDBid:JVNDB-2018-016223
Trust: 0.8
db:CNNVDid:CNNVD-202003-036
Trust: 0.7
db:CNVDid:CNVD-2020-15579
Trust: 0.1
db:VULHUBid:VHN-135983
Trust: 0.1
sources:
            
            
            VULHUB: VHN-135983 // 
            
            
            
            JVNDB: JVNDB-2018-016223 // 
            
            
            
            CNNVD: CNNVD-202003-036 // 
            
            
            
            NVD: CVE-2018-5951

REFERENCES
url:https://github.com/nat-lab/cve-2018-5951
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2018-5951
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5951
Trust: 0.8
sources:
            
            
            VULHUB: VHN-135983 // 
            
            
            
            JVNDB: JVNDB-2018-016223 // 
            
            
            
            CNNVD: CNNVD-202003-036 // 
            
            
            
            NVD: CVE-2018-5951

SOURCES
db:VULHUBid:VHN-135983
db:JVNDBid:JVNDB-2018-016223
db:CNNVDid:CNNVD-202003-036
db:NVDid:CVE-2018-5951

LAST UPDATE DATE
2024-11-23T21:36:02.097000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-135983date:2020-03-04T00:00:00
db:JVNDBid:JVNDB-2018-016223date:2020-03-12T00:00:00
db:CNNVDid:CNNVD-202003-036date:2020-03-09T00:00:00
db:NVDid:CVE-2018-5951date:2024-11-21T04:09:44.273

SOURCES RELEASE DATE
db:VULHUBid:VHN-135983date:2020-03-02T00:00:00
db:JVNDBid:JVNDB-2018-016223date:2020-03-12T00:00:00
db:CNNVDid:CNNVD-202003-036date:2020-03-02T00:00:00
db:NVDid:CVE-2018-5951date:2020-03-02T22:15:12.827