2 matches found
CVE-2019-3977
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. Therefore, a remote attacker can trick the router into "upgrading" to an older version of RouterOS and possibly reseting all the system...
CVE-2019-3977
CVE-2019-3977 affects MikroTik RouterOS. The vulnerability arises from insufficient validation of the origin of upgrade packages during autoupgrade, allowing a remote attacker to trick a device into upgrading to an older RouterOS version and potentially reset all usernames and passwords. Document...