126 matches found
Hackers Infect Over 200,000 MikroTik Routers With Crypto Mining Malware
Security researchers have discovered at least three massive malware campaigns exploiting hundreds of thousands of unpatched MikroTik routers to secretly install cryptocurrency miners on computers connected to them. In all, the malware campaigns have compromised more than 210,000 routers from...
Hackers Infect Over 200,000 MikroTik Routers With Crypto Mining Malware
Security researchers have discovered at least three massive malware campaigns exploiting hundreds of thousands of unpatched MikroTik routers to secretly install cryptocurrency miners on computers connected to them. In all, the malware campaigns have compromised more than 210,000 routers from...
CVE-2018-14847
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface...
CVE-2018-14847
CVE-2018-14847 is a WinBox directory-traversal vulnerability in MikroTik RouterOS that allowed unauthenticated remote file reads and, with authenticated access, file writes. Public PoCs/exploits (By the Way, WinboxExploit, MAC/RouterOS PoCs) demonstrate remote reading of the admin password and, i...
CVE-2018-14847
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface...
Mikrotik RouterOS 'Winbox Service' Information Disclosure Vulnerability (Apr 2018) - Active Check
Mikrotik RouterOS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Mikrotik Winbox Arbitrary File Access Vulnerability
MikroTik RouterOS is a routing operating system, developed based on the Linux kernel, compatible with x86 PC routing software, through which a standard PC computer can be turned into a professional router.Winbox is a Windows-based software for remote management of RouterOS, providing an intuitive...
Mikrotik Winbox 任意文件访问漏洞
In April 23rd 2018, Mikrotik fixed a vulnerability “that allowed gaining access to an unsecured router”. myself and @yalpanian of BASU CERT reverse engineering lab tried to figure out what exactly got fixed, what was the problem in the first place and how severe was the impact of it. UPDATE: full...
Exploit for Path Traversal in Mikrotik Routeros
WinboxExploit This is a proof of concept of the critical WinBo...
Exploit for Path Traversal in Mikrotik Routeros
WinboxExploit This is a proof of concept of the critical WinBo...
Mikrotik RouterOS 'Winbox Service' Information Disclosure Vulnerability (Apr 2018) - Version Check
Mikrotik RouterOS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PT-2018-1757
Name of the Vulnerable Software and Affected Versions MikroTik RouterOS versions prior to 6.42 Description The issue is caused by a directory traversal vulnerability in the WinBox interface of MikroTik RouterOS, allowing unauthenticated remote attackers to read arbitrary files and remote...
APT Hackers Infect Routers to Covertly Implant Slingshot Spying Malware
Security researchers at Kaspersky have identified a sophisticated APT hacking group that has been operating since at least 2012 without being noticed due to their complex and clever hacking techniques. The hacking group used a piece of advanced malware—dubbed Slingshot—to infect hundreds of...
Mikrotik Router Remote Denial Of Service (CVE-2012-6050)
A vulnerability in the Winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service CPU consumption, read the router version, and possibly have additional impact via a request to download the router's DLLs or plugins...
Mikrotik Router Denial of Service
No description provided by source. !/usr/bin/python Exploit Title: Mikrotik Router Remote Denial Of Service attack Date: 19/4/2012 Author: PoURaN @ 133tsec.com Software Link: http://www.mikrotik.com Version: All mikrotik routers with winbox service enabled are affected still a 0day 30/5/2012 Test...
Cross site request forgery (csrf)
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service CPU consumption, read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll...
CVE-2012-6050
CVE-2012-6050 affects MikroTik RouterOS where the winbox service (RouterOS 5.15 and earlier) is exploitable. An attacker can remotely trigger a denial of service by consuming CPU, and may read the router version, with possible additional impacts via a request to download the router’s DLLs or plug...
MikroTik Winbox < 5.17 File Download DoS
According to its self-reported version number, the installation of MikroTik Winbox hosted on the remote web server is affected by a denial of service vulnerability. An unauthenticated, remote attacker may make multiple requests to download a large file, resulting in the service becoming...
MikroTik RouterOS Winbox Detection
The remote port is used by Winbox, a remote management tool, to administer devices running MikroTik RouterOS. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid59731; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...
Mikrotik Router Denial Of Service
!/usr/bin/python Exploit Title: Mikrotik Router Remote Denial Of Service attack Date: 19/4/2012 Author: PoURaN @ 133tsec.com Software Link: http://www.mikrotik.com Version: All mikrotik routers with winbox service enabled are affected still a 0day 30/5/2012 Tested on: Mikrotis RouterOS 2.9.6 up t...