virus logo Intrusion Prevention

MikroTik.RouterOS.Remote.DLL.Plugin.Download

description-logoDescription

This indicates an attack attempt against an Information Disclosure vulnerability in MikroTik RouterOS.
The vulnerability is caused by a design issue when the vulnerable software handles a file download request without any authentication. It allows remote attackers to retrieve sensitive information within the context of the application, via a crafted HTTP request.

affected-products-logoAffected Products

MikroTik RouterOS 5.15 and prior

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware any vendor provided patch to address this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-07-23 28.831
Modified
 Name:MikroTik.
Router.
Remote.
DLL.
Plugin.
Download:MikroTik.
RouterOS.
Remote.
DLL.
Plugin.
Download
2019-10-24 14.710
Modified
 Default_action:pass:drop
2019-07-16 14.649
New

References

18817
ID 48139
Created Jul 16, 2019
Updated Jul 22, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 8.62%
Default Action drop
Active
Affected OS Other
Affected App Other
Profile Type Information Disclosure