What the vulnerability does

01Description

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.

Key dates

02Disclosure timeline

February 20, 2019 CVE published
September 17, 2024 Record updated