CVE-2026-7668— MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-bounds
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-7668
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-bounds
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存读
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mikrotik RouterOS 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mikrotik RouterOS是拉脱维亚Mikrotik公司的一个网络设备操作系统。 Mikrotik RouterOS 6.49.8版本存在缓冲区错误漏洞,该漏洞源于nova/lib/www/scep.p库中ASN1_STRING_data函数对参数transactionID/messageType的操作,可能导致越界读取。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-7668
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCVerified env Premium
claude_code · 9479 chars
Paid plan includes:
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month
III. Intelligence Information for CVE-2026-7668
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: RouterOS
- CVE-2025-42611
Improper certificate validation in multiple RouterOS service - CVE-2025-10948
MikroTik RouterOS libjson.so print parse_json_element buffer - CVE-2025-6563
Cross-site scripting via dst parameter in RouterOS WiFi hots - CVE-2025-6443
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vu - CVE-2023-32154
Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Exec
Same vendor: MikroTik
- CVE-2025-42611
Improper certificate validation in multiple RouterOS service - CVE-2025-10948
MikroTik RouterOS libjson.so print parse_json_element buffer - CVE-2025-6563
Cross-site scripting via dst parameter in RouterOS WiFi hots - CVE-2025-6443
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vu - CVE-2023-32154
Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Exec
Same weakness: CWE-125
- CVE-2026-8177
XML::LibXML versions through 2.0210 for Perl read out-of-bou - CVE-2026-6104
Global buffer over-read in mb_convert_encoding() with attack - CVE-2026-7258
Out-of-bounds read in urldecode() on NetBSD - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-3508
ASUS System Control Interface 缓冲区错误漏洞
V. Comments for CVE-2026-7668
No comments yet