原文:

https://blog.mikrotik.com/security/cve-20193924-dude-agent-vulnerability.html

The issue is fixed in:

  • 6.43.12 (2019-02-11 14:39)
  • 6.44beta75 (2019-02-11 15:26)
  • 6.42.12 (2019-02-12 11:46)

On February 21, Tenable published a new CVE, describing a vulnerability, which allows to proxy a TCP/UDP request through the routers Winbox port, if it's open to the internet. Tenable had previously contacted MikroTik about this issue, so a fix has already been released on February 11, 2019 in all RouterOS release channels.

The issue does not affect RouterBOARD devices with default configuration, if the "Firewall router" checkbox was left enabled. The issue DOES NOT pose any risk to the router itself, file system is not vulnerable, the issue only allows redirection of connections if port is open. Device itself is safe.

The issue is fixed in:

  • 6.43.12 (2019-02-11 14:39)
  • 6.44beta75 (2019-02-11 15:26)
  • 6.42.12 (2019-02-12 11:46)

As always, MikroTik urges all users to keep their devices up to date, to be protected against all known vulnerabilities and make sure your routers administative ports are firewalled from untrusted networks. The "ip services" menu, where you can protect the "winbox" service, also affects the "dude agent" service, so if you have limited access with this menu, it also protects you from this issue.

mikrotik ros CVE-2019–3924 DUDE AGENT VULNERABILITY的更多相关文章

  1. CVE 2019 0708 安装重启之后 可能造成 手动IP地址丢失.

    1. 最近两天发现 更新了微软的CVE 2019-0708的补丁之后 之前设置的手动ip地址会变成 自动获取, 造成ip地址丢失.. 我昨天遇到两个, 今天同事又遇到一个.微软做补丁也不走心啊..

  2. MikroTik RouterOS网址资源收集

    routeros|mikrotik|ros|软路由论坛|中国路由网|软件路由|软件路由器|routeros技术论坛|路由论坛 - Powered by Discuz!   Mikrotik RB450 ...

  3. FlexPaper 2.3.6 远程命令执行漏洞 附Exp

    影响版本:小于FlexPaper 2.3.6的所有版本 FlexPaper (https://www.flowpaper.com) 是一个开源项目,遵循GPL协议,在互联网上非常流行.它为web客户端 ...

  4. CVE-2019-11604 Quest KACE Systems Management Appliance <= 9.0 XSS

    CVE-2019-11604 Quest KACE Systems Management Appliance CVE-2019-11604 Quest KACE Systems Management ...

  5. Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update

    Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update Package:l ...

  6. Cisco Common Service Platform Collector - Hardcoded Credentials(CVE-2019-1723)

    Cisco Common Service Platform Collector - Hardcoded Credentials 思科公共服务平台收集器-硬编码凭证(CVE-2019-1723) htt ...

  7. CVE: 2014-6271、CVE: 2014-7169 Bash Specially-crafted Environment Variables Code Injection Vulnerability Analysis

    目录 . 漏洞的起因 . 漏洞原理分析 . 漏洞的影响范围 . 漏洞的利用场景 . 漏洞的POC.测试方法 . 漏洞的修复Patch情况 . 如何避免此类漏洞继续出现 1. 漏洞的起因 为了理解这个漏 ...

  8. ROS routeros mikrotik路由器CVE-2018-14847漏洞

    原文: https://securitynews.sonicwall.com/xmlpost/massive-cryptojacking-campaign/ SonicWall is observin ...

  9. [我的CVE][CVE-2017-15708]Apache Synapse Remote Code Execution Vulnerability

    漏洞编号:CNVD-2017-36700 漏洞编号:CVE-2017-15708 漏洞分析:https://www.javasec.cn/index.php/archives/117/ [Apache ...

随机推荐

  1. expect脚本实例

    #!/usr/bin/expect //必须写这句,表明使用expect,有些系统可能没有自带,使用yum install expect -y 安装 spawn ssh 192.168.2.128 / ...

  2. Java中的包学习笔记

    一.总结 1.引入包的概念的原因和包的作用比如有多个人开发一个大型程序,A定义了一个Math.java类,B也定义了一个Math.java类,它们放在不同目录,使用的时候也是用目录来区分,包实际上就是 ...

  3. Intellij IDEA2017.3永久激活方法

    随着idea不断地发展,eclipse的缺点日渐明显,为了能够获得良好的编码体验,越来越多的朋友转向了idea,淘汰了eclipse但是由于近期idea所有私人服务器被封杀了,很多喜欢编码的朋友们都陷 ...

  4. 原生js实现ajax用于简单的签到或登录

    <script> function createStandardXHR() {     try {         return new window.XMLHttpRequest(); ...

  5. codeblock设置快捷键

    第一步: 第二步: 第三步:  格式化代码设置: 在代码框里点右键,按Format use Astyle就会自动代码格式化了 但是它默认的风格是大括号另起一行,很不习惯,实际上是可以改的 1.Sett ...

  6. 01c++学习

    #include"iostream" using namespace std; void main01() { //printf("hello_world\n" ...

  7. java BIO/NIO

    一.BIO Blocking IO(即阻塞IO); 1.      特点: a)   Socket服务端在监听过程中每次accept到一个客户端的Socket连接,就要处理这个请求,而此时其他连接过来 ...

  8. AI update

    1, labeling工具 - 测试完成 使用fiji + Alps_Labeling_Tool.ijm 做labeling 生成的文件可以使用python读取 2,training -未开始 使用t ...

  9. requestAnimationFrame 知识点

    与setTimeout相比,requestAnimationFrame最大的优势是由系统来决定回调函数的执行时机.具体一点讲,如果屏幕刷新率是60Hz,那么回调函数就每16.7ms被执行一次,如果刷新 ...

  10. pycharm Process finished with exit code (0xC0000005)

    pycharm  Process finished with exit code  (0xC0000005)解决办法 上次报过这个错误,是在安装浏览器时发现的,报过同样的错误.按当时的方法,以为切地解 ...