1/10/2023 0 Comments Download winbox 2.2 13![]() The vulnerability scanner Nessus provides a plugin with the ID 117335 (MikroTik RouterOS Winbox Unauthenticated Arbitrary File Read/Write Vulnerability), which helps to determine the existence of the flaw in a target environment. It is possible to download the exploit at. Technical details are unknown but a public exploit is available.Ī public exploit has been developed by Basu Cert (Mosajjal) and been published before and not just after the advisory. ![]() The exploitation doesn't need any form of authentication. This vulnerability is known as CVE-2018-14847 since. As an impact it is known to affect confidentiality, integrity, and availability. When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. The CWE definition for the vulnerability is CWE-287. The manipulation as part of a Request leads to a weak authentication vulnerability. Affected by this vulnerability is an unknown functionality of the component Winbox. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability has been found in MikroTik RouterOS up to 6.42 ( Router Operating System) and classified as critical. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |