Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackreadWaqasHACKREAD:38EFBBF180E0993C3CC665D79BC0B551
HistoryOct 09, 2018 - 5:37 p.m.

MikroTik router vulnerability lets hackers bypass firewall to load malware undetected

2018-10-0917:37:16
Waqas
www.hackread.com
361

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

By Waqas

Tenable Research’s cybersecurity researcher has released “By The way,” which is a new PoC (proof-of-concept) RCE attack after identifying a new attack method to exploit an already discovered vulnerability in MikroTik routers. The vulnerability, identified as CVE-2018-14847, is an old directory traversal flaw, which was patched the same day it was detected in April, 2018. […]

This is a post from HackRead.com Read the original post: MikroTik router vulnerability lets hackers bypass firewall to load malware undetected

Related

attackerkb 1
packetstorm 2
mssecure 1
thn 7
nessus 2
malwarebytes 1
exploitdb 2
exploitpack 2
zdt 1
cisa_kev 1
cve 1
openvas 2
checkpoint_advisories 1
prion 1
talosblog 1
threatpost 6
mmpc 1
impervablog 2
rapid7blog 1
cisa 1
kitploit 1
ics 1
attackerkb
attackerkb
CVE-2018-14847
2018-08-02 00:00:00
packetstorm
packetstorm
Mikrotik RouterOS Remote Root
2018-10-10 00:00:00
Mikrotik WinBox 6.42 Credential Disclosure
2018-08-17 00:00:00
mssecure
mssecure
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure
2022-03-16 15:00:00
thn
thn
Imperva Thwarts 2.5 Million RPS Ransom DDoS Extortion Attacks
2022-03-05 07:53:00
Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack
2021-09-11 11:18:00
Botnet of Thousands of MikroTik Routers Abused in Glupteba, TrickBot Campaigns
2022-03-23 09:49:00
nessus
nessus
MikroTik RouterOS Winbox Unauthenticated Arbitrary File Read/Write Vulnerability
2018-09-06 00:00:00
MikroTik RouterOS Path Traversal (CVE-2018-14847)
2024-02-27 00:00:00
malwarebytes
malwarebytes
Fake browser update seeks to compromise more MikroTik routers
2018-10-12 15:00:06
exploitdb
exploitdb
Mikrotik WinBox 6.42 - Credential Disclosure (golang)
2018-08-17 00:00:00
MicroTik RouterOS < 6.43rc3 - Remote Root
2018-10-10 00:00:00
exploitpack
exploitpack
MicroTik RouterOS 6.43rc3 - Remote Root
2018-10-10 00:00:00
Mikrotik WinBox 6.42 - Credential Disclosure (golang)
2018-08-17 00:00:00
zdt
zdt
MicroTik RouterOS < 6.43rc3 - Remote Root Exploit
2018-10-10 00:00:00
cisa_kev
cisa_kev
MikroTik Router OS Directory Traversal Vulnerability
2021-12-01 00:00:00
cve
cve
CVE-2018-14847
2018-08-02 07:29:00
openvas
openvas
Mikrotik RouterOS 'Winbox Service' Information Disclosure Vulnerability - Version Check
2018-04-25 00:00:00
Mikrotik RouterOS 'Winbox Service' Information Disclosure Vulnerability - Active Check
2018-07-06 00:00:00
checkpoint_advisories
checkpoint_advisories
MikroTik RouterOS Winbox Authentication Bypass (CVE-2018-14847)
2018-08-06 00:00:00
prion
prion
Directory traversal
2018-08-02 07:29:00
talosblog
talosblog
VPNFilter III: More Tools for the Swiss Army Knife of Malware
2018-09-26 07:59:00
threatpost
threatpost
Yandex Pummeled by Potent Meris DDoS Botnet
2021-09-10 16:31:14
Thousands of MikroTik Routers Hijacked for Eavesdropping
2018-09-04 18:34:10
Massive Meris Botnet Embeds Ransomware Notes from REvil
2022-03-04 22:46:59
mmpc
mmpc
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure
2022-03-16 15:00:00
impervablog
impervablog
The 3 Biggest DDoS Attacks Imperva Has Mitigated
2022-05-31 15:12:48
Imperva Mitigates Ransom DDoS Attack Measuring 2.5 Million Requests per Second
2022-03-04 15:21:44
rapid7blog
rapid7blog
Metasploit Wrap-Up
2020-11-06 19:55:51
cisa
cisa
CISA Adds Five Known Exploited Vulnerabilities to Catalog
2021-12-01 00:00:00
kitploit
kitploit
Darksplitz - Exploit Framework
2019-04-04 21:12:00
ics
ics
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
2022-06-10 12:00:00

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.975 High

EPSS

Percentile

100.0%

JSON
Related for HACKREAD:38EFBBF180E0993C3CC665D79BC0B551
attackerkb1packetstorm2mssecure1thn7nessus2malwarebytes1exploitdb2exploitpack2zdt1cisa_kev1cve1openvas2checkpoint_advisories1prion1talosblog1threatpost6mmpc1impervablog2rapid7blog1cisa1kitploit1ics1