MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows them access to the management interface as an administrator without authentication.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-08-26T20:12:52

Updated: 2024-08-05T00:34:53.153Z

Reserved: 2019-08-14T00:00:00

Link: CVE-2019-15055

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-08-26T21:15:11.210

Modified: 2024-11-21T04:27:58.123

Link: CVE-2019-15055

cve-icon Redhat

No data.