Primary

Context

Routinator ASN String Handling Vulnerability Leading to Crash

Vulnerability

Patched

A denial-of-service vulnerability has been identified in Routinator versions prior to and including 0.15.1. When a specifically crafted non-UTF-8 string is sent as the select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes. This issue only affects users who permit API access from untrusted networks.

Impact

Exploitation of this vulnerability causes Routinator to crash, disrupting service.

Remediation

Users are advised to upgrade to Routinator version 0.15.2 or later.

Added: Jun 8, 2026, 4:04 PM

Updated: Jun 8, 2026, 4:04 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.8

remediation

7.7

relevance

9.3

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.8

remediation

7.7

relevance

9.3

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Routinator ASN String Handling Vulnerability Leading to Crash

Vulnerability

Impact

Remediation

Affected Products

NLnet Labs Routinator

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating