Security News > 2018 > October > New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access
2018-10-08 15:48
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/_BO7PxYe1Ks/router-hacking-exploit.html
Related news
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)
- Critical Kubernetes Image Builder flaw gives SSH root access to VMs (source)
- Critical default credential in Kubernetes Image Builder allows SSH root access (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-02 | CVE-2018-14847 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. | 6.4 |