Saturday, December 7, 2024
HomeComputer SecurityMikroTik RouterOS Vulnerability Allows Hackers to Perform DOS Attacks

MikroTik RouterOS Vulnerability Allows Hackers to Perform DOS Attacks

Published on

SIEM as a Service

A Serious vulnerability that discovered in MikroTik RouterOS allows attackers to perform DoS attack on the vulnerable router that causes the device to reboot.

MikroTik provides hardware and software for Internet connectivity around the world and they also created a RouterOS software.

This vulnerability allows the watchdog timer to reboots the router that causes device overloaded and eventually stop responding, the issue was addressed and fixed.

- Advertisement - SIEM as a Service

But another issue caused the memory to be filled because IPv6 route cache size could be bigger than the available RAM.

This flaw also was fixed by introducing automatic cache size calculation based on available memory, MikroTik said.

MikroTik patches flaw CVE-2018-19299, but an unpatched MikroTik router that routes the traffic via IPV6 will be affected.

It allows an attacker to take down the MikroTik router and exhausting the RAM by routes the malicious traffic via IPV6.

According to MikroTik, Both fixes are released already in RouterOS versions that were published April 2019 (all release chains: RouterOS v6.44.2, RouterOS v6.45beta23, and RouterOS v6.43.14). 

This fixes working in the following way,

  • ipv6 – fixed soft lockup when forwarding IPv6 packets
  • ipv6 – fixed soft lockup when processing large IPv6 Neighbor table
  • ipv6 – adjust IPv6 route cache max size based on total RAM memory

it means that the current fixes possibly apply to the current version (v6.44.2) and long term (v6.43.14) release versions and this fixes only for the device that contains more than RAM 64 MB size.

So if the routers with RouterOS 6.44.2 do not crash if they have enough memory.

MikroTik advised to Upgrade to any RouterOS version released after April 1st, 2019.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Hackers Hijacked 7,500+ MikroTik Routers and Redirecting User Traffic to Attackers

Hackers Attack Over 200,000 MikroTik Routers & Infected with Mass Coinhive Cryptojacking Malware

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...