SMB: Mikrotik RouterOS CVE-2018-7445 Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Mikrotik RouterOS. A successful exploit can lead to arbitrary command execution on the host operating system via vulnerable application
Extended Description
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable.
Affected Products
Mikrotik routeros
References
CVE: CVE-2018-7445
Short Name
SMB:NETBIOS:MIKROTIK-ROS-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
Buffer CVE-2018-7445 Mikrotik Overflow RouterOS
Release Date
06/05/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Mikrotik
CVSS Score
10.0