SecuritySpace - CVE-2023-30800

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-30800

Description: The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.

Test IDs: 1.3.6.1.4.1.25623.1.0.150998

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-30800
https://vulncheck.com/advisories/mikrotik-jsproxy-dos
https://vulncheck.com/advisories/mikrotik-jsproxy-dos

CVE ID:	CVE-2023-30800
Description:	The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.
Test IDs:	1.3.6.1.4.1.25623.1.0.150998
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-30800 https://vulncheck.com/advisories/mikrotik-jsproxy-dos https://vulncheck.com/advisories/mikrotik-jsproxy-dos