QwikSec

Security Database

CVE

CWE

Training

CVE-2017-8338

Published: May 18, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; all devices will be disconnected from the router and all logs removed automatically.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cxsecurity.com/issue/WLB-2017050062

x_refsource_MISC

https://www.vulnerability-lab.com/get_content.php?id=2064

x_refsource_MISC

http://seclists.org/fulldisclosure/2017/May/59

x_refsource_MISC

https://packetstormsecurity.com/files/142538/MikroTik-RouterBoard-6.38.5-Denial-Of-Service.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2017-8338 - Security Vulnerability | QwikSec