PT-2019-3891 · Mikrotik · Routeros+1

Published

2019-10-28

Updated

2021-12-09

CVE-2019-3978

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions RouterOS versions 6.45.6 and below RouterOS versions 6.44.5 and below

Description The issue is related to the lack of authentication for a critical function in the RouterOS operating system. This allows a remote attacker to exploit the vulnerability by sending DNS queries through port 8291, potentially affecting the integrity of protected information. The queries are sent from the router to a server of the attacker's choice, and the DNS responses are cached by the router, which could result in cache poisoning.

Recommendations For RouterOS versions 6.45.6 and below, update to a version that includes a fix for this issue. For RouterOS versions 6.44.5 and below, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to port 8291 to minimize the risk of exploitation.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

BDU:2019-04284

CVE-2019-3978

Affected Products

Mikrotik Routeros

Routeros

PT-2019-3891 · Mikrotik · Routeros+1

CVE-2019-3978

Weakness Enumeration

Related Identifiers

Affected Products

References · 10