CVE-2019–3924 Mikrotik Dude agent vulnerability

A new vulnerability has been reported in the Mikrotik Dude agent. The issue eventually allows an attacker to proxy requests through the Winbox port on the vulnerable device. The CVE-2019–3924 has been published on February 21st, but there is already an update for the Mikrotik RouterOS that fixes it.

As the vulnerability relies on being able to publicly access the Winbox port, it doesn’t affect router with active firewall.

The issue is fixed in RouterOS versions:

  • 6.43.12 (2019-02-11 14:39)
  • 6.44beta75 (2019-02-11 15:26)
  • 6.42.12 (2019-02-12 11:46)