CVE List

CVE-2019-13955

Moderate 6.5

Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.

Published July 26, 2019.

Affected software

Mikrotik Routeros

Get alerts for Mikrotik Routeros

Reference links