How severe is CVE-2019-3924?

CVE-2019-3924 has a CVSS v3 score of 7.5 (HIGH).

CVE-2019-3924

Name: routeros
Author: mikrotik

7.5HIGH

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A

Veröffentlicht: 2/20/2019Aktualisiert: 8/15/2025

Beschreibung

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.

KI-AnalyseKI-gestützt

Betroffene Produkte

mikrotikrouteros

Verfügbare Exploits (1)

EDB-46444

remotehardwareVERIFIED

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

CVE-2019-3924

Jacob Baines2/21/2019

Referenzen

http://www.securityfocus.com/bid/107177
Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/46444/
ExploitThird Party AdvisoryVDB Entry
https://www.tenable.com/security/research/tra-2019-07
ExploitThird Party Advisory
http://www.securityfocus.com/bid/107177
Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/46444/
ExploitThird Party AdvisoryVDB Entry
https://www.tenable.com/security/research/tra-2019-07
ExploitThird Party Advisory