CVE-2021-41987
N/A
N/A
Summary
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://mikrotik.com/download/archive
- https://teamt5.org/en/posts/vulnerability-mikrotik-cve-2021-41987/
References
- https://mikrotik.com/download/archive
- https://teamt5.org/en/posts/vulnerability-mikrotik-cve-2021-41987/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.