Lucene search

K
cvelistTenableCVELIST:CVE-2019-3943
HistoryApr 10, 2019 - 8:01 p.m.

CVE-2019-3943

2019-04-1020:01:00
CWE-23
tenable
www.cve.org

8.1 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.4%

MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk).

CNA Affected

[
  {
    "product": "RouterOS",
    "vendor": "MikroTik",
    "versions": [
      {
        "status": "affected",
        "version": "Stable 6.43.12 and below"
      },
      {
        "status": "affected",
        "version": "Long-term 6.42.12 and below"
      },
      {
        "status": "affected",
        "version": "Testing 6.44beta75 and below"
      }
    ]
  }
]

8.1 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.4%