Select Page

A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought.

A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year.

The vulnerability, identified as CVE-2018-14847, was initially rated as medium in severity but should now be rated critical because the new hacking technique used against vulnerable MikroTik routers allows attackers to remotely execute code on affected devices and gain a root shell.

The vulnerability impacts Winbox—a management component for administrators to set up their routers using a Web-based interface—and a Windows GUI application for the RouterOS software used by the MikroTik devices.

The vulnerability allows “remote attackers to bypass authentication and read arbitrary files by modifying a request to change one byte related to a Session ID.”

images from Hacker News