Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.28 views

MikroTik RouterOS Confused Deputy (CVE-2019-3924)

MikroTik RouterOS before 6.43.12 stable and 6.42.12 long-term is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for...

7.5CVSS7.4AI score0.15697EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2019/04/08 12:0 a.m.201 views

MikroTik RouterOS Unauthenticated Intermediary

The remote networking device is running a version of MikroTik RouterOS vulnerable to an unauthenticated intermediary vulnerability. Therefore, an unauthenticated remote attacker could use the MikroTik router to proxy arbitrary traffic or bypass the router's firewall. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS7.6AI score0.15697EPSS
Exploits4References2
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.160 views

MikroTik RouterOS 6.43.12 (stable) 6.42.12 (long-term) - Firewall and NAT Bypass

MikroTik RouterOS 6.43.12 stable 6.42.12 long-term - Firewall and NAT Bypass CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can ...

5CVSS0.4AI score0.15697EPSS
Exploits4
0day.today
0day.today
added 2019/02/21 12:0 a.m.361 views

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

MikroTik RouterOS 6.43.12 stable / 6.42.12 long-term - Firewall and NAT Bypass CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack ca...

7.5CVSS0.5AI score0.15697EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/02/21 12:0 a.m.271 views

MikroTik RouterOS &lt; 6.43.12 (stable) / &lt; 6.42.12 (long-term) - Firewall and NAT Bypass

CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can be found here: https://www.youtube.com/watch?v=CxyOtsNVgFg A Tenable Research...

7.5CVSS7.6AI score0.15697EPSS
Exploits4
Circl
Circl
added 2019/02/21 12:0 a.m.32 views

CVE-2019-3924

creationtimestamp| type| source ---|---|--- 2019-02-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46444 2019-02-21 05:45:40+00:00| seen| Telegram/2E2dy9OYYaEYmhdkxDpQcX-ZNfT83PbwDTTfo0Aql9rM 2019-02-22 02:26:30+00:00| published-proof-of-concept|...

7.5CVSS7.3AI score0.15697EPSS
Exploits4References2
CVE
CVE
added 2019/02/20 8:0 p.m.282 views

CVE-2019-3924

CVE-2019-3924 affects MikroTik RouterOS prior to 6.43.12 (stable) and 6.42.12 (long-term). The vulnerability lets an unauthenticated remote attacker trigger user-specified network requests to WAN and LAN clients via an intermediary flaw, enabling firewall bypass or general network scanning activi...

7.5CVSS7.6AI score0.15697EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder