CVE-2020-20247
First published: Mon May 03 2021(Updated: )
Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MikroTik RouterOS | <6.46.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Mikrotik RouterOs vulnerability?
The vulnerability ID for this Mikrotik RouterOS vulnerability is CVE-2020-20247.
What is the description of vulnerability CVE-2020-20247?
Vulnerability CVE-2020-20247 is a memory corruption vulnerability in the /nova/bin/traceroute process of Mikrotik RouterOS before 6.46.5 (stable tree). An authenticated remote attacker can cause a Denial of Service via the loop counter variable.
What software versions are affected by CVE-2020-20247?
Mikrotik RouterOS versions up to and excluding 6.46.5 are affected by vulnerability CVE-2020-20247.
What is the severity of vulnerability CVE-2020-20247?
The severity of vulnerability CVE-2020-20247 is medium with a severity value of 6.5.
Is there a reference for vulnerability CVE-2020-20247?
Yes, you can find a reference for vulnerability CVE-2020-20247 at the following link: https://seclists.org/fulldisclosure/2020/May/30
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/mikrotik
- canonical/mikrotik routeros