How severe is CVE-2019-3924?

CVE-2019-3924 has a CVSS v3 score of 7.5 (HIGH).

CVE-2019-3924

Name: routeros
Author: mikrotik

7.5HIGH

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A

公開日: 2/20/2019更新日: 8/15/2025

説明

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.

AI分析AIによる分析

影響を受ける製品

mikrotikrouteros

利用可能なエクスプロイト (1)

EDB-46444

remotehardwareVERIFIED

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

CVE-2019-3924

Jacob Baines2/21/2019

参照

http://www.securityfocus.com/bid/107177
Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/46444/
ExploitThird Party AdvisoryVDB Entry
https://www.tenable.com/security/research/tra-2019-07
ExploitThird Party Advisory
http://www.securityfocus.com/bid/107177
Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/46444/
ExploitThird Party AdvisoryVDB Entry
https://www.tenable.com/security/research/tra-2019-07
ExploitThird Party Advisory