3 matches found
CVE-2019-3976
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled...
MikroTik RouterOS Path Traversal (CVE-2019-3976)
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled. This...
CVE-2019-3976
The CVE-2019-3976 entry concerns MikroTik RouterOS (RouterOS) versions 6.45.6 Stable, 6.44.5 Long-term, and earlier. The vulnerability is a relative path traversal in the upgrade package handling (package name field), which allows an authenticated user who installs a malicious package to create a...