DNS cache poisoning vulnerability28th Oct, 2019 | Security
Tenable has identified a vulnerability in RouterOS DNS implementation. RouterOS 6.45.6 and below is vulnerable to unauthenticated remote DNS cache poisoning via Winbox. The router is impacted even when DNS is not enabled.
One possible attack vector is via Winbox on port 8291 if this port is open to untrusted… Full story