Security News > 2018 > October > New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access
2018-10-08 15:48
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/_BO7PxYe1Ks/router-hacking-exploit.html
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- New botnet exploits vulnerabilities in NVRs, TP-Link routers (source)
- 15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- 13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks (source)
- Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-02 | CVE-2018-14847 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. | 9.1 |