Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-10070

EPSS 17.84% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-10070

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MikroTik 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MikroTik是拉脱维亚MikroTik公司的一套基于Linux核心开发的路由操作系统。该系统可将PC电脑变成专业路由器。 MikroTik 6.41.4版本中存在安全漏洞。远程攻击者可通过在21端口上发送以多个‘\0’开头的特制请求利用该漏洞阻止路由器接受新的FTP连接(可用的CPU和RAM耗尽)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2018-10070

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-10070

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-04-16 · 20 CVEs total

CVE-2017-10140Postfix Berkeley DB 安全漏洞
CVE-2018-10122QingDao Nature Easy Soft Chanzhi Enterprise Portal System 安全漏洞
CVE-2018-10106D-Link DIR-815 REV. B 安全漏洞
CVE-2018-10107D-Link DIR-815 REV. B 跨站脚本漏洞
CVE-2018-10108D-Link DIR-815 REV. B 跨站脚本漏洞
CVE-2018-10124Linux kernel 安全漏洞
CVE-2018-10133PbootCMS 安全漏洞
CVE-2018-10132PbootCMS 跨站请求伪造漏洞
CVE-2018-10128XYHCMS 跨站脚本漏洞
CVE-2018-10127XYHCMS 跨站请求伪造漏洞
CVE-2018-10177ImageMagick 安全漏洞
CVE-2018-10137IScripts UberforX Admin Panel 跨站请求伪造漏洞
CVE-2018-10136IScripts UberforX Admin Panel 跨站脚本漏洞
CVE-2018-10135IScripts eSwap User Panel 跨站脚本漏洞
CVE-2015-1952IBM AppScan Enterprise Edition 跨站脚本漏洞
CVE-2018-10138DNN CATALooK.netStore模块跨站脚本漏洞
CVE-2018-10170NordVPN for Windows 权限许可和访问控制问题漏洞
CVE-2018-10169ProtonVPN for Windows 权限许可和访问控制问题漏洞
CVE-2018-101727-Zip for Windows 安全漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2018-10070

No comments yet

Leave a comment