CVE-2019-3943
N/A
N/A
Summary
MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| MikroTik | RouterOS | Stable 6.43.12 and below | affected |
| MikroTik | RouterOS | Long-term 6.42.12 and below | affected |
| MikroTik | RouterOS | Testing 6.44beta75 and below | affected |
Weaknesses
- CWE-23: CWE-23 Path Traversal
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.