A vulnerability, which was classified as critical, has been found in RouterOS up to 6.44.5/6.45.6 (Router Operating System). Affected by this issue is an unknown part of the component DNS Server. The manipulation as part of a Response leads to a input validation vulnerability. Using CWE to declare the problem leads to CWE-20. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Impacted is confidentiality, integrity, and availability. CVE summarizes:

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's DNS cache via malicious responses with additional and untrue records.

The weakness was shared 10/29/2019. This vulnerability is handled as CVE-2019-3979 since 01/03/2019. The exploitation is known to be easy. The attack may be launched remotely. No form of authentication is required for exploitation. The technical details are unknown and an exploit is not available.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The entries 144433, 144432 and 144431 are related to this item.

Productinfo

Type

• Router Operating System

Name

• RouterOS

Version

• 6.44.0
• 6.44.1
• 6.44.2
• 6.44.3
• 6.44.4
• 6.44.5
• 6.45.0
• 6.45.1
• 6.45.2
• 6.45.3
• 6.45.4
• 6.45.5
• 6.45.6

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion