← back
CVE-2019-3978

CVE-2019-3978

EPSS 10.3%CWE-306
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning
Affected products
n/a · MikroTik RouterOS
public PoCs found2
cve_referencepacketstormsecurity.com/files/155036/MikroTik-RouterOS-6.45.6-DNS-Cache-Poisoning.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47566unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/155036/MikroTik-RouterOS-6.45.6-DNS-Cache-Poisoning.htmlhttps://www.tenable.com/security/research/tra-2019-46