![]() The timestamp is precisely when 6.45.6 was released. ![]() You can see the response is a single line containing a version (6.45.6) and a Unix timestamp (1568106391). This returns information about the most recent Stable curl 6.45.6 1568106391 * Connection #0 to host left intact Latest mikrotik software can be downloaded here. #DNS SERVER MIKROTIK WINBOX UPGRADE#Please upgrade to latest OS version as soon as possible to avoid flaws and know vulnerabilities. ![]() !) security – fixed improper handling of DNS responses (CVE-2019-3978, CVE-2019-3979).If Winbox access is enabled from untrusted networks, an attacker from the internet can trigger a DNS request from the router which allows the attacker to make arbitrary requests, find the router’s internal address (router.lan), or figure out what is already cached.Īs usual, we recommend to protect your router administration interface with VPN and firewall. The resolver can be reached via Winbox by sending messages to system resolver. One possible attack vector is via Winbox on port 8291 if this port is open to untrusted networks. The router is impacted even when DNS is not enabled. RouterOS 6.45.6 and below is vulnerable to unauthenticated remote DNS cache poisoning via Winbox. Tenable has identified a vulnerability in RouterOS DNS implementation. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |