Security News > 2018 > October > New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access
2018-10-08 15:48

A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/_BO7PxYe1Ks/router-hacking-exploit.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-08-02 CVE-2018-14847 Path Traversal vulnerability in Mikrotik Routeros
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
network
low complexity
mikrotik CWE-22
critical
9.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mikrotik 4 1 46 28 5 80