Headline
CVE-2019-3976: MikroTik RouterOS Multiple Vulnerabilities - Research Advisory | Tenable®
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package’s name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled.
Related news
Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects an estimated 70,000+ VPN/firewalls.
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance.
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating.