MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router’s firewall or for general network scanning activities.
[
{
"product": "MikroTik RouterOS",
"vendor": "Tenable",
"versions": [
{
"status": "affected",
"version": "RouterOS long-term 6.42.11 and below, RouterOS stable 6.43.11 and below"
}
]
}
]