CVE-2018-7445 — MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability
2022-09-08 • CISA Known Exploited Vulnerability
[event] In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | MikroTik |
| Product | RouterOS |
| CWE | CWE-119 |
| CVE ID | CVE-2018-7445 |
| Date Added | 2022-09-08 |
| Due Date | 2022-09-29 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-09-29