In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-16T14:44:58
Updated: 2024-08-04T03:22:25.697Z
Reserved: 2021-10-04T00:00:00
Link: CVE-2021-41987
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-03-16T15:15:14.547
Modified: 2024-11-21T06:27:01.380
Link: CVE-2021-41987
Redhat
No data.