Source: NVD (NVD:CVE-2019-3943)
History: Apr 10, 2019 - 9:29 p.m.

CVE-2019-3943

2019-04-10 21:29:01
CWE-23, CWE-22
web.nvd.nist.gov

CVSS2: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:L/Au:S/C:C/I:P/A:N

CVSS3: 8.1 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score: 8.1 High (Confidence: High)

EPSS: 0.008 Low (Percentile: 81.5%)

MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attacker can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk).

Affected configurations (NVD)

Node (entries joined by OR):
mikrotik routeros, Range 6.42.12, ltr
mikrotik routeros, Range 6.43.12, -

Node (entries joined by OR), each mikrotik routeros, Match, testing:
6.41rc31, 6.41rc32, 6.41rc34, 6.41rc37, 6.41rc38, 6.41rc44, 6.41rc47, 6.41rc50, 6.41rc52, 6.41rc56, 6.41rc61, 6.41rc66
6.42rc11, 6.42rc12, 6.42rc14, 6.42rc15, 6.42rc18, 6.42rc2, 6.42rc20, 6.42rc23, 6.42rc24, 6.42rc27, 6.42rc28, 6.42rc30, 6.42rc35, 6.42rc37, 6.42rc39, 6.42rc41, 6.42rc43, 6.42rc46, 6.42rc48, 6.42rc49, 6.42rc5, 6.42rc52, 6.42rc56, 6.42rc6, 6.42rc9
6.43rc11, 6.43rc12, 6.43rc14, 6.43rc17, 6.43rc19, 6.43rc21, 6.43rc23, 6.43rc27, 6.43rc29, 6.43rc3, 6.43rc32, 6.43rc34, 6.43rc4, 6.43rc40, 6.43rc42, 6.43rc44, 6.43rc45, 6.43rc5, 6.43rc51, 6.43rc56, 6.43rc6, 6.43rc64, 6.43rc66, 6.43rc7
6.44beta14, 6.44beta17, 6.44beta20, 6.44beta28, 6.44beta39, 6.44beta40, 6.44beta50, 6.44beta54, 6.44beta6, 6.44beta61, 6.44beta75, 6.44beta9
