← back
CVE-2018-14847

CVE-2018-14847

CVSS 9.1 CRITICALEPSS 96.1%● KEVCWE-22
In short

MikroTik RouterOS has a flaw that lets attackers bypass file restrictions using directory traversal tricks in the WinBox interface. Anyone can read files without logging in, and logged-in users can write files anywhere on the system.

Technical detail

A directory traversal vulnerability (CWE-22) in MikroTik RouterOS WinBox interface allows unauthenticated remote attackers to read arbitrary files via path manipulation, and authenticated attackers to write arbitrary files. The vulnerability affects RouterOS versions through 6.42 and can be exploited without special privileges or user interaction.

Summary generated and translated by AI from the official description.
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected products
n/a · n/a
public PoCs found16
githubgithub.com/BasuCert/WinboxPoC521githubgithub.com/hacker30468/Mikrotik-router-hack56githubgithub.com/jas502n/CVE-2018-1484730githubgithub.com/sinichi449/Python-MikrotikLoginExploit20githubgithub.com/syrex1013/MikroRoot15githubgithub.com/msterusky/WinboxExploit7githubgithub.com/K3ysTr0K3R/CVE-2018-14847-EXPLOIT6githubgithub.com/mahmoodsabir/mikrotik-beast6githubgithub.com/babyshen/routeros-CVE-2018-14847-bytheway4githubgithub.com/yukar1z0e/CVE-2018-148471githubgithub.com/Tr33-He11/winboxPOC1githubgithub.com/mourafuseti/VULNERAVEL-CVE-2018-14847---CREDENCIAIS-EXTRAIDAS1githubgithub.com/tausifzaman/CVE-2018-148471githubgithub.com/TheMalwareGuardian/CVE-2018-148470cve_referencewww.exploit-db.com/exploits/45578/unverifiedexploitdbwww.exploit-db.com/exploits/45578unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/BasuCert/WinboxPoChttps://github.com/BigNerd95/WinboxExploithttps://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdfhttps://github.com/tenable/routeros/tree/master/poc/bythewayhttps://github.com/tenable/routeros/tree/master/poc/cve_2018_14847https://mikrotik.com/supportsec/winbox-vulnerabilityhttps://n0p.me/winbox-bug-dissection/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847https://www.exploit-db.com/exploits/45578/