7 matches found
MikroTik RouterOS Confused Deputy (CVE-2019-3924)
MikroTik RouterOS before 6.43.12 stable and 6.42.12 long-term is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for...
MikroTik RouterOS Unauthenticated Intermediary
The remote networking device is running a version of MikroTik RouterOS vulnerable to an unauthenticated intermediary vulnerability. Therefore, an unauthenticated remote attacker could use the MikroTik router to proxy arbitrary traffic or bypass the router's firewall. %NASLMINLEVEL 70300 C Tenable...
CVE-2019-3924
creationtimestamp| type| source ---|---|--- 2019-02-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46444 2019-02-21 05:45:40+00:00| seen| Telegram/2E2dy9OYYaEYmhdkxDpQcX-ZNfT83PbwDTTfo0Aql9rM 2019-02-22 02:26:30+00:00| published-proof-of-concept|...
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass
MikroTik RouterOS 6.43.12 stable / 6.42.12 long-term - Firewall and NAT Bypass CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack ca...
MikroTik RouterOS 6.43.12 (stable) 6.42.12 (long-term) - Firewall and NAT Bypass
MikroTik RouterOS 6.43.12 stable 6.42.12 long-term - Firewall and NAT Bypass CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can ...
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass
CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can be found here: https://www.youtube.com/watch?v=CxyOtsNVgFg A Tenable Research...
CVE-2019-3924
CVE-2019-3924 affects MikroTik RouterOS prior to 6.43.12 (stable) and 6.42.12 (long-term). The vulnerability lets an unauthenticated remote attacker trigger user-specified network requests to WAN and LAN clients via an intermediary flaw, enabling firewall bypass or general network scanning activi...