Vulnerability in N/a
CVE-2018-14847
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
EPSS: 0.936 (99.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply updates per vendor instructions.
Public proof-of-concept exploits
- BasuCert/WinboxPoC
- hacker30468/Mikrotik-router-hack
- jas502n/CVE-2018-14847
- sinichi449/Python-MikrotikLoginExploit
- syrex1013/MikroRoot
- msterusky/WinboxExploit
- K3ysTr0K3R/CVE-2018-14847-EXPLOIT
- mahmoodsabir/mikrotik-beast
- babyshen/routeros-CVE-2018-14847-bytheway
- mourafuseti/VULNERAVEL-CVE-2018-14847---CREDENCIAIS-EXTRAIDAS
References
- 45578 (exploit)
- github.com/BigNerd95/WinboxExploit
- github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.p…
- github.com/BasuCert/WinboxPoC
- github.com/tenable/routeros/tree/master/poc/cve_2018_14847
- n0p.me/winbox-bug-dissection/
- github.com/tenable/routeros/tree/master/poc/bytheway
- mikrotik.com/supportsec/winbox-vulnerability
Frequently asked questions
- What is CVE-2018-14847?
- CVE-2018-14847 is a vulnerability in N/a. Published 2018-08-02.
- Is CVE-2018-14847 known to be exploited?
- Yes. CVE-2018-14847 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2021-12-01), indicating it is being actively exploited. 79 public proof-of-concept repositories are indexed.