MikroTik RouterOS SNMP Security Bypass Vulnerability
BID:31025
Info
| Bugtraq ID: | 31025 |
| Class: | Design Error |
| CVE: | CVE-2008-6976 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 05 2008 12:00AM |
| Updated: | Apr 16 2015 05:54PM |
| Credit: | ShadOS |
| Vulnerable: | MikroTik RouterOS 2.9.51, MikroTik RouterOS 2.9.50, MikroTik RouterOS 2.9.49, MikroTik RouterOS 2.9.48, MikroTik RouterOS 2.9.47, MikroTik RouterOS 2.9.46, MikroTik RouterOS 2.9.45, MikroTik RouterOS 2.9.44, MikroTik RouterOS 2.9.43, MikroTik RouterOS 2.9.42, MikroTik RouterOS 2.9.41, MikroTik RouterOS 2.9.40, MikroTik RouterOS 3.13, MikroTik RouterOS 3.12, MikroTik RouterOS 3.11, MikroTik RouterOS 3.10, MikroTik RouterOS 3.09, MikroTik RouterOS 3.08, MikroTik RouterOS 3.07, MikroTik RouterOS 3.0 |
| Not Vulnerable: | |
Discussion
MikroTik RouterOS is prone to a security-bypass vulnerability because the software fails to sufficiently sanitize SNMP requests.
Successfully exploiting this issue allows attackers to write to and change certain aspects of the Network Management System (NMS). This may aid in further attacks.
Versions up to and including RouterOS 3.13 and 2.9.51 are vulnerable.
Exploit / POC
The following exploit is available:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].