Security News > 2018 > October > New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

2018-10-08 15:48
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/_BO7PxYe1Ks/router-hacking-exploit.html
Related news
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication (source)
- Palo Alto firewalls under attack as miscreants chain flaws for root access (source)
- Exploits for unpatched Parallels Desktop flaw give root on Macs (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices (source)
- Cisco IOS XR vulnerability lets attackers crash BGP on routers (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-02 | CVE-2018-14847 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. | 9.1 |