Lucene search
K

25 matches found

GithubExploit
GithubExploit
added 2022/10/31 6:38 a.m.19 views

Exploit for Path Traversal in Mikrotik Routeros

By the Way By the Way is an exploit that enables a root shell...

9.1CVSS9.4AI score0.96087EPSS
Exploits23
The Hacker News
The Hacker News
added 2022/03/23 9:49 a.m.209 views

Botnet of Thousands of MikroTik Routers Abused in Glupteba, TrickBot Campaigns

Vulnerable routers from MikroTik have been misused to form what cybersecurity researchers have called one of the largest botnet-as-a-service cybercrime operations seen in recent years. According to a new piece of research published by Avast, a cryptocurrency mining campaign leveraging the...

9.1CVSS8.9AI score0.96087EPSS
Exploits23
The Hacker News
The Hacker News
added 2022/03/17 10:5 a.m.149 views

TrickBot Malware Abusing MikroTik Routers as Proxies for Command-and-Control

Microsoft on Wednesday detailed a previously undiscovered technique put to use by the TrickBot malware that involves using compromised Internet of Things IoT devices as a go-between for establishing communications with the command-and-control C2 servers. "By using MikroTik routers as proxy server...

9.1CVSS1AI score0.96087EPSS
Exploits23
Gitee
Gitee
added 2021/10/17 12:0 a.m.3 views

Exploit for Path Traversal in Mikrotik Routeros

This is a proof of concept PoC exploit for the critical WinBox vulnerability CVE-2018-14847 that allows for arbitrary file read of plain text passwords. The vulnerability has been fixed, but the project is no longer supported or updated. The exploit is written in Python and uses the socket librar...

9.1CVSS7.1AI score0.96087EPSS
Exploits23
ThreatPost
ThreatPost
added 2021/09/10 4:31 p.m.110 views

Yandex Pummeled by Potent Meris DDoS Botnet

Technical details tied to a record-breaking distributed-denial-of-service DDoS attack against Russian internet behemoth Yandex are surfacing as the digital dust settles. A massive botnet, dubbed Mēris, is believed responsible, flooding Yandex with millions of HTTP requests for webpages at the sam...

9.1CVSS8.8AI score0.96087EPSS
Exploits23References7
GithubExploit
GithubExploit
added 2019/09/29 12:21 p.m.25 views

Exploit for Path Traversal in Mikrotik Routeros

Mikrotik Login Exploit PoC Proof of Concept dari vulnerabili...

9.1CVSS9.4AI score0.96087EPSS
Exploits23
ThreatPost
ThreatPost
added 2018/12/20 8:41 p.m.219 views

Huawei Router Flaw Leaks Default Credential Status

A vulnerability in some Huawei routers used for carrier ISP services allows cybercriminals to identify whether the devices have default credentials or not – without ever connecting to them. CVE-2018-7900 exists in the router panel and allows credentials information to leak – so attackers can simp...

10CVSS1.4AI score0.99975EPSS
Exploits29References4
Malwarebytes
Malwarebytes
added 2018/10/12 3:0 p.m.606 views

Fake browser update seeks to compromise more MikroTik routers

This blog post was authored by @hasherezade and Jérôme Segura. MikroTik, a Latvian company that makes routers and ISP wireless systems, has been dealing with several vulnerabilities affecting its products' operating system over the past few months. Ever since a critical flaw in RouterOS was...

5CVSS9.4AI score0.96087EPSS
Exploits23
0day.today
0day.today
added 2018/10/10 12:0 a.m.2610 views

MicroTik RouterOS < 6.43rc3 - Remote Root Exploit

/ Exploit Title: RouterOS Remote Rooting Exploit Author: Jacob Baines Vendor Homepage: www.mikrotik.com Software Link: https://mikrotik.com/download Version: Longterm: 6.30.1 - 6.40.7 Stable: 6.29 - 6.42 Beta: 6.29rc1 - 6.43rc3 Tested on: RouterOS Various CVE : CVE-2018-14847 By the Way is an...

9.1CVSS8.7AI score0.96087EPSS
Exploits23
exploitpack
exploitpack
added 2018/10/10 12:0 a.m.163 views

MicroTik RouterOS 6.43rc3 - Remote Root

MicroTik RouterOS 6.43rc3 - Remote Root / Exploit Title: RouterOS Remote Rooting Date: 10/07/2018 Exploit Author: Jacob Baines Vendor Homepage: www.mikrotik.com Software Link: https://mikrotik.com/download Version: Longterm: 6.30.1 - 6.40.7 Stable: 6.29 - 6.42 Beta: 6.29rc1 - 6.43rc3 Tested on:...

6.4CVSS8.8AI score0.96087EPSS
Exploits23
Packet Storm
Packet Storm
added 2018/10/10 12:0 a.m.451 views

Mikrotik RouterOS Remote Root

/ Exploit Title: RouterOS Remote Rooting Date: 10/07/2018 Exploit Author: Jacob Baines Vendor Homepage: www.mikrotik.com Software Link: https://mikrotik.com/download Version: Longterm: 6.30.1 - 6.40.7 Stable: 6.29 - 6.42 Beta: 6.29rc1 - 6.43rc3 Tested on: RouterOS Various CVE : CVE-2018-14847 By...

5CVSS8.7AI score0.96087EPSS
Exploits23
Exploit DB
Exploit DB
added 2018/10/10 12:0 a.m.3364 views

MicroTik RouterOS &lt; 6.43rc3 - Remote Root

/ Exploit Title: RouterOS Remote Rooting Date: 10/07/2018 Exploit Author: Jacob Baines Vendor Homepage: www.mikrotik.com Software Link: https://mikrotik.com/download Version: Longterm: 6.30.1 - 6.40.7 Stable: 6.29 - 6.42 Beta: 6.29rc1 - 6.43rc3 Tested on: RouterOS Various CVE : CVE-2018-14847 By...

9.1CVSS8.7AI score0.96087EPSS
Exploits23
HackRead
HackRead
added 2018/10/09 5:37 p.m.391 views

MikroTik router vulnerability lets hackers bypass firewall to load malware undetected

By Waqas Tenable Research’s cybersecurity researcher has released “By The way,” which is a new PoC proof-of-concept RCE attack after identifying a new attack method to exploit an already discovered vulnerability in MikroTik routers. The vulnerability, identified as CVE-2018-14847, is an old...

5CVSS1.9AI score0.96087EPSS
Exploits23
ThreatPost
ThreatPost
added 2018/10/08 12:7 a.m.346 views

PoC Attack Escalates MikroTik Router Bug to ‘As Bad As It Gets’

A new hacking technique used against vulnerable MikroTik routers gives attackers the ability to execute remote code on affected devices. The technique is yet another security blow against the MikroTik router family. Previous hacks have left the routers open to device failures, cyptojacking and...

9CVSS1.3AI score0.96087EPSS
Exploits27References9
The Hacker News
The Hacker News
added 2018/09/04 9:53 a.m.431 views

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially...

9.1CVSS0.5AI score0.96087EPSS
Exploits23
Circl
Circl
added 2018/09/04 8:51 a.m.8 views

CVE-2018-14847

creationtimestamp| type| source ---|---|--- 2018-09-04 08:51:50+00:00| seen| MISP/5b8e46ef-a8b4-4059-8c5c-4cc0950d210f 2018-09-04 16:19:46+00:00| exploited| https://t.me/SecLabNews/3063 2018-09-05 10:41:49+00:00| exploited| https://t.me/mtikpro/98 2018-09-05 16:12:57+00:00| exploited|...

9.1CVSS7.5AI score0.96087EPSS
Exploits23References32
exploitpack
exploitpack
added 2018/08/17 12:0 a.m.406 views

Mikrotik WinBox 6.42 - Credential Disclosure (golang)

Mikrotik WinBox 6.42 - Credential Disclosure golang / Title: Mikrotik WinBox 6.42 - Credential Disclosure golang edition Author: Maxim Yefimenko @slider Date: 2018-08-06 Sotware Link: https://mikrotik.com/download Vendor Page: https://www.mikrotik.com/ Version: 6.29 - 6.42 Tested on: Fedora 28 ...

6.4CVSS8.7AI score0.96087EPSS
Exploits23
Packet Storm
Packet Storm
added 2018/08/17 12:0 a.m.579 views

Mikrotik WinBox 6.42 Credential Disclosure

/ Title: Mikrotik WinBox 6.42 - Credential Disclosure golang edition Author: Maxim Yefimenko @slider Date: 2018-08-06 Sotware Link: https://mikrotik.com/download Vendor Page: https://www.mikrotik.com/ Version: 6.29 - 6.42 Tested on: Fedora 28 \ Debian 9 \ Windows 10 \ Android wherever it was...

8.7AI score0.96087EPSS
Exploits23
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.607 views

Mikrotik WinBox 6.42 - Credential Disclosure (golang)

/ Title: Mikrotik WinBox 6.42 - Credential Disclosure golang edition Author: Maxim Yefimenko @slider Date: 2018-08-06 Sotware Link: https://mikrotik.com/download Vendor Page: https://www.mikrotik.com/ Version: 6.29 - 6.42 Tested on: Fedora 28 \ Debian 9 \ Windows 10 \ Android wherever it was...

9.1CVSS8.7AI score0.96087EPSS
Exploits23
Check Point Advisories
Check Point Advisories
added 2018/08/06 12:0 a.m.45 views

MikroTik RouterOS Winbox Authentication Bypass (CVE-2018-14847)

An authentication bypass vulnerability exists in the Winbox component of Mikrotik RouterOS. A remote attacker could exploit this flaw by sending specially crafted packets to the affected server. Successful exploitation of this vulnerability would allow a remote attacker to hijack a user's session...

6.4CVSS4.6AI score0.96087EPSS
Exploits23
Rows per page
Query Builder