N/A

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning

N/A

关键功能的认证机制缺失

MikroTik RouterOS 访问控制错误漏洞

MikroTik RouterOS是拉脱维亚MikroTik公司的一套基于Linux开发的路由器操作系统。该系统可部署在PC中，使其提供路由器功能。 MikroTik RouterOS 6.45.6 Stable及之前版本和6.44.5 Long-term及之前版本中存在安全漏洞。攻击者可借助8291端口利用该漏洞进行DNS查询，可能造成缓存中毒。

N/A

N/A