CVE-2020-20247

Beschreibung:
Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.

CWE: CWE-119

CVSS-Bewertung
CVSS 2: MEDIUM – 4 (Version: 2.0)
CVSS 3: MEDIUM – 6.5 (Version: 3.1)

Links:

NVD – CVE-2020-20247
CVE – CVE-2020-20247

Link (max. 20) Quelle Tags
https://seclists.org/fulldisclosure/2020/May/30 MISC Mailing List Third Party Advisory Third Party Advisory
https://packetstormsecurity.com/files/162406/OX-App-Suite-OX-Guard-SSRF-DoS-Cross-Site-Scripting.html MISC Exploit Third Party Advisory VDB Entry
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028 MISC Exploit Third Party Advisory
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279030 MISC
https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029 MISC

Quelle: NVD – CVE-2020-20247
Datum Veröffentlichung: 2021-05-03T16:15Z, Datum letzte Änderung: 2021-05-10T12:43Z