Allele Security Alert
ASA-2019-00619, CVE-2019-3979, TRA-2019-46
Improper DNS Response Handling
MikroTik RouterOS Stable versions before 6.45.7
MikroTik RouterOS Long-term versions before 6.44.6
MikroTik RouterOS Stable version 6.45.7
MikroTik RouterOS Long-term version 6.44.6
Proof of concept
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker-controlled DNS server can poison the router’s DNS cache via malicious responses that carry additional, untrue records.
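The check whose absence is described above, as an added example (not code from MikroTik, Tenable, or this alert): before caching, keep only records whose owner name is the queried name or is reached from it through a CNAME chain. It assumes the response is already parsed into (owner, type, rdata) tuples and does not model NS or glue handling; the function names and sample records are constructed for illustration.

```python
# Added example: decide which records of a parsed DNS response are related
# to the query and therefore eligible for caching. All names are hypothetical.

def norm(name):
    """DNS names compare case-insensitively; ignore the trailing root dot."""
    return name.rstrip(".").lower()

def split_related(qname, records):
    """Return (related, unrelated) records for a query of `qname`.

    A record is related if its owner is the queried name or a name reached
    by following CNAMEs from it. Everything else is the "unrelated data"
    from the description and should not enter the cache.
    """
    allowed = {norm(qname)}
    # Repeat passes so CNAMEs listed out of order are still followed. A name
    # is added at most once, so a CNAME loop cannot keep the loop running.
    for _ in range(len(records)):
        grew = False
        for owner, rtype, rdata in records:
            if rtype == "CNAME" and norm(owner) in allowed \
                    and norm(rdata) not in allowed:
                allowed.add(norm(rdata))
                grew = True
        if not grew:
            break
    related = [r for r in records if norm(r[0]) in allowed]
    unrelated = [r for r in records if norm(r[0]) not in allowed]
    return related, unrelated

# Constructed sample: a response to a query for www.example.test that also
# carries an A record for a name nobody asked about (documentation ranges).
SAMPLE = [
    ("www.example.test.", "CNAME", "web.example.test."),
    ("web.example.test.", "A", "192.0.2.10"),
    ("Updates.Vendor.Test.", "A", "203.0.113.66"),
]

if __name__ == "__main__":
    cache, drop = split_related("WWW.example.test", SAMPLE)
    print("cache:", cache)
    print("drop: ", drop)
```

The same function can be run over logged resolver responses to flag upstream servers that return A records outside the queried name's CNAME chain.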
Jacob Baines (Tenable Research)
MikroTik RouterOS Multiple Vulnerabilities
RouterOS: Chain to Root
MikroTik Routers and Wireless – Software
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: October 29, 2019