CVE-2019-3924

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.

MikroTik RouterOS, en versiones anteriores a la 6.43.12 (stable) y 6.42.12 (long-term), es vulnerable a una vulnerabilidad de intermediario. El software ejecutará peticiones de red definidas por el usuario a los clientes WAN y LAN. Un atacante no autenticado remoto puede emplear esta vulnerabilidad para omitir el firewall del router o para realizar actividades generales de escaneo de red.