In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-16T14:44:58

Updated: 2024-08-04T03:22:25.697Z

Reserved: 2021-10-04T00:00:00

Link: CVE-2021-41987

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-16T15:15:14.547

Modified: 2024-11-21T06:27:01.380

Link: CVE-2021-41987

cve-icon Redhat

No data.