GeneralInformation

Country	Iran, Islamic Republic of
City	Shiraz
Organization	Ravand Tazeh Co,.PJS.
ISP	Ravand Tazeh Co,.PJS.
ASN	AS59431

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2022(3)

CVE-2022-45315

9.8Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.

CVE-2022-45313

8.8Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.

CVE-2022-36522

6.5Mikrotik RouterOs through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

2021(5)

CVE-2021-41987

8.1In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.

CVE-2021-36614

6.5Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

CVE-2021-36613

6.5Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

CVE-2021-27221

8.1MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work

CVE-2021-3014

6.1In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.

2020(1)

CVE-2020-20231

6.5Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

2018(1)

CVE-2018-5951

7.5An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.

OpenPorts

22 53 443 1723 2000 8291

22 / tcp

528166052 | 2025-03-15T20:35:49.327252

SSH-2.0-ROSSSH
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAABAwAAAQEAwKRzaWjg+i2LjvlBZXhCMuLNEpjTkUqPy1WrKZmOI8CuDIQf
SgXe/jvJmNCL+73HLD249JRl0nJJssfXme+4Q7tL68J9fN3OwBRipejOdTYJ0yIY/iXUH5GFNcBz
xcAb1BHDNvwFoGI7yrHJzfiW4Ju/tIT19LjhSmiG+Pfi0sGuwpNoPLZAM6E7gnW1g2XPwgsiAago
hHjUPSoh/Eh5/gtE5XkZQnhlMFbl+lZNM8Fw0E6jXfJiiszIBFiUbdqnj9M/KY1lIQMARQNZ5+QV
CPJqErQv+N0L8fAfwu894I7MYtss0sYmc3vz65rGCqogIjIPHezjbFdQUr7x2qVWDw==
Fingerprint: 1a:4e:45:23:59:f8:90:f4:ff:1d:2d:e2:98:4d:b3:fa

Kex Algorithms:
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1

Server Host Key Algorithms:
	ssh-dss
	rsa-sha2-256
	ssh-rsa

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-cbc
	aes192-cbc
	aes256-cbc
	blowfish-cbc
	3des-cbc

MAC Algorithms:
	hmac-sha1
	hmac-md5

Compression Algorithms:
	none

1723 / tcp

-22409833 | 2025-03-23T09:44:25.388481

PPTP:
  Firmware: 1
  Hostname: -=MSN-DNS=-
  Vendor: MikroTik

2000 / tcp

-1538260461 | 2025-03-17T07:12:47.468907

\x01\x00\x00\x00

8291 / tcp

-796204946 | 2025-03-22T03:01:18.175242

MikroTik Winbox:
  index:
    advtool.dll: 6.47.9
    dhcp.dll: 6.47.9
    hotspot.dll: 6.47.9
    mpls.dll: 6.47.9
    ppp.dll: 6.47.9
    roteros.dll: 6.47.9
    roting4.dll: 6.47.9
    secure.dll: 6.47.9
    system.dll: 6.47.9
    ups.dll: 6.47.9
    wlan6.dll: 6.47.9
  list:
    advtool.jg: 6.47.9
    dhcp.jg: 6.47.9
    hotspot.jg: 6.47.9
    icons.png: 6.47.9
    icons24.png: 
    icons32.png: 
    mpls.jg: 6.47.9
    ppp.jg: 6.47.9
    roteros.jg: 6.47.9
    roting4.jg: 6.47.9
    secure.jg: 6.47.9
    ups.jg: 6.47.9
    wlan6.jg: 6.47.9

Vulnerabilities

1 4 5

164.138.19.17

Last Seen: 2025-03-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

22 / tcp

528166052 | 2025-03-15T20:35:49.327252

1723 / tcp

-22409833 | 2025-03-23T09:44:25.388481

PPTP

2000 / tcp

-1538260461 | 2025-03-17T07:12:47.468907

MikroTik bandwidth-test server

8291 / tcp

-796204946 | 2025-03-22T03:01:18.175242

MikroTik Winbox

Products

Pricing

Contact Us

164.138.19.17

Last Seen: 2025-03-23

Tags:

GeneralInformation

Vulnerabilities All ports Port 8291 Latest CVSS

OpenPorts

22 / tcp 528166052 | 2025-03-15T20:35:49.327252

1723 / tcp -22409833 | 2025-03-23T09:44:25.388481

PPTP

2000 / tcp -1538260461 | 2025-03-17T07:12:47.468907

MikroTik bandwidth-test server

8291 / tcp -796204946 | 2025-03-22T03:01:18.175242

MikroTik Winbox

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

528166052 | 2025-03-15T20:35:49.327252

1723 / tcp

-22409833 | 2025-03-23T09:44:25.388481

2000 / tcp

-1538260461 | 2025-03-17T07:12:47.468907

8291 / tcp

-796204946 | 2025-03-22T03:01:18.175242