High severity7.5NVD Advisory· Published Mar 12, 2017· Updated May 13, 2026

CVE-2017-6444

Description

The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation.

Affected products

Mikrotik/Routeros
cpe:2.3:o:mikrotik:routeros:6.25:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploitalert.com/view-details.htmlnvdExploitThird Party Advisory
cxsecurity.com/issue/WLB-2017030029nvdExploitThird Party Advisory
packetstormsecurity.com/files/141449/Mikrotik-Hap-Lite-6.25-Denial-Of-Service.htmlnvdExploitThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/41601/nvdExploitThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.014
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000