DNS Cache Poisoning Vulnerability in RouterOS by MikroTik
CVE-2019-3979

7.5HIGH

Key Information:

Vendor: Mikrotik
Status: Mikrotik Routeros
Vendor: CVE Published:; 29 October 2019

What is CVE-2019-3979?

RouterOS, developed by MikroTik, is susceptible to a serious vulnerability where it improperly handles DNS queries. Specifically, the affected versions of the software add all A records to the DNS cache regardless of whether they are related to the queried domain. This flaw allows an attacker to poison the router's DNS cache by sending malicious responses containing unrelated A records from a compromised or rogue DNS server. As a result, users may unknowingly access incorrect or harmful websites, exposing them to potential data breaches or other cyber threats.

Affected Version(s)

MikroTik RouterOS RouterOS 6.45.6 Stable and below. RouterOS 6.44.5 Long-term and below.

References

https://www.tenable.com/security/research/tra-2019-46

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 29, 2019
Vulnerability Reserved
Jan 3, 2019

Mikrotik

What is CVE-2019-3979?

Affected Version(s)

References

CVSS V3.1

Timeline