← back
CVE-2019-3978

CVE-2019-3978

EPSS 10.3%CWE-306
Vexday Risk Score
28Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 10.3%KEV nãoPoC públicaNuclei Metasploit Patch
Lifecycle
28 Oct 2019Published on NVD
31 Oct 2019Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning
Affected products
n/a · MikroTik RouterOS
public PoCs found2
cve_referencepacketstormsecurity.com/files/155036/MikroTik-RouterOS-6.45.6-DNS-Cache-Poisoning.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47566unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/155036/MikroTik-RouterOS-6.45.6-DNS-Cache-Poisoning.htmlhttps://www.tenable.com/security/research/tra-2019-46