Vulnerability-Lookup

CVE-2018-14847 (GCVE-0-2018-14847)

Vulnerability from cvelistv5 – Published: 2018-08-02 07:00 – Updated: 2025-10-21 23:45

CISA KEV KEVintel KEV

Summary

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

SSVC

Exploitation: active Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

n/a
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

mitre

References

9 references

URL	Tags
https://www.exploit-db.com/exploits/45578/	exploit
https://github.com/BigNerd95/WinboxExploit
https://github.com/tenable/routeros/blob/master/b…
https://github.com/BasuCert/WinboxPoC
https://github.com/tenable/routeros/tree/master/p…
https://n0p.me/winbox-bug-dissection/
https://github.com/tenable/routeros/tree/master/p…
https://mikrotik.com/supportsec/winbox-vulnerability
https://www.cisa.gov/known-exploited-vulnerabilit…	government-resource

Date Public

2018-08-02 00:00

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 81acc4b8-266f-4268-8f7f-892fbde8294e

Vulnerability ID: CVE-2018-14847

Status: Confirmed

Status Updated: 2021-12-01 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-12-01

Asserted: 2021-12-01

Scope

Notes: KEV entry: MikroTik Router OS Directory Traversal Vulnerability | Affected: MikroTik / RouterOS | Description: MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. | Required action: Apply updates per vendor instructions. | Due date: 2022-06-01 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2018-14847

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-22
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	RouterOS
Due Date	2022-06-01
Date Added	2021-12-01
Vendorproject	MikroTik
Vulnerabilityname	MikroTik Router OS Directory Traversal Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2018-14847

Created: 2026-02-02 12:28 UTC | Updated: 2026-02-06 07:17 UTC

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 79531444-521b-42ec-8233-100d92d44da4

Vulnerability ID: CVE-2018-14847

Status: Confirmed

Status Updated: 2021-12-01 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-12-01

Asserted: 2021-12-01

Scope

Notes: KEVIntel entry: MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write... | Affected: MikroTik / RouterOS | CVSS: 9.1 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write...
Vendor	MikroTik
Product	RouterOS
Added Date	2021-12-01T00:00:00.000Z
Cvss Score	9.1
Epss Score	None
Cvss Severity	CRITICAL
Epss Percentile	None
Used In Malware	unknown
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	False

References

Created: 2026-06-19 12:47 UTC | Updated: 2026-06-19 12:47 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:38:13.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "45578",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/45578/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/BigNerd95/WinboxExploit"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/BasuCert/WinboxPoC"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://n0p.me/winbox-bug-dissection/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2018-14847",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T20:41:33.262103Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-12-01",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-22",
                "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:45:49.372Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-12-01T00:00:00.000Z",
            "value": "CVE-2018-14847 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-08-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-28T16:59:41.013Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "45578",
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/45578/"
        },
        {
          "url": "https://github.com/BigNerd95/WinboxExploit"
        },
        {
          "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
        },
        {
          "url": "https://github.com/BasuCert/WinboxPoC"
        },
        {
          "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
        },
        {
          "url": "https://n0p.me/winbox-bug-dissection/"
        },
        {
          "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
        },
        {
          "url": "https://mikrotik.com/supportsec/winbox-vulnerability"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-14847",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "45578",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/45578/"
            },
            {
              "name": "https://github.com/BigNerd95/WinboxExploit",
              "refsource": "MISC",
              "url": "https://github.com/BigNerd95/WinboxExploit"
            },
            {
              "name": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf",
              "refsource": "MISC",
              "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
            },
            {
              "name": "https://github.com/BasuCert/WinboxPoC",
              "refsource": "MISC",
              "url": "https://github.com/BasuCert/WinboxPoC"
            },
            {
              "name": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847",
              "refsource": "MISC",
              "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
            },
            {
              "name": "https://n0p.me/winbox-bug-dissection/",
              "refsource": "MISC",
              "url": "https://n0p.me/winbox-bug-dissection/"
            },
            {
              "name": "https://github.com/tenable/routeros/tree/master/poc/bytheway",
              "refsource": "MISC",
              "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-14847",
    "datePublished": "2018-08-02T07:00:00.000Z",
    "dateReserved": "2018-08-02T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:45:49.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2018-14847",
      "cwes": "[\"CWE-22\"]",
      "dateAdded": "2021-12-01",
      "dueDate": "2022-06-01",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2018-14847",
      "product": "RouterOS",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.",
      "vendorProject": "MikroTik",
      "vulnerabilityName": "MikroTik Router OS Directory Traversal Vulnerability"
    },
    "epss": {
      "cve": "CVE-2018-14847",
      "date": "2026-06-20",
      "epss": "0.96087",
      "percentile": "0.9987"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-06-01",
      "cisaExploitAdd": "2021-12-01",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "MikroTik Router OS Directory Traversal Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.42\", \"matchCriteriaId\": \"16E5E5C5-AE57-4E80-8405-C12C6D0999EB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.\"}, {\"lang\": \"es\", \"value\": \"MikroTik RouterOS hasta la versi\\u00f3n 6.42 permite que atacante remoto no autenticado lean archivos arbitrarios y que los atacantes autenticados remotos escriban en archivos arbitrarios debido a una vulnerabilidad de salto de directorio en la interfaz WinBox.\"}]",
      "id": "CVE-2018-14847",
      "lastModified": "2024-11-21T03:49:54.730",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:N\", \"baseScore\": 6.4, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-08-02T07:29:00.280",
      "references": "[{\"url\": \"https://github.com/BasuCert/WinboxPoC\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/BigNerd95/WinboxExploit\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/bytheway\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://n0p.me/winbox-bug-dissection/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/45578/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/BasuCert/WinboxPoC\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/BigNerd95/WinboxExploit\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/bytheway\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://n0p.me/winbox-bug-dissection/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/45578/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-14847\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-08-02T07:29:00.280\",\"lastModified\":\"2025-11-07T19:20:41.257\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.\"},{\"lang\":\"es\",\"value\":\"MikroTik RouterOS hasta la versi\u00f3n 6.42 permite que atacante remoto no autenticado lean archivos arbitrarios y que los atacantes autenticados remotos escriban en archivos arbitrarios debido a una vulnerabilidad de salto de directorio en la interfaz WinBox.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-12-01\",\"cisaActionDue\":\"2022-06-01\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"MikroTik Router OS Directory Traversal Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.42\",\"matchCriteriaId\":\"16E5E5C5-AE57-4E80-8405-C12C6D0999EB\"}]}]}],\"references\":[{\"url\":\"https://github.com/BasuCert/WinboxPoC\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/BigNerd95/WinboxExploit\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tenable/routeros/tree/master/poc/bytheway\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://mikrotik.com/supportsec/winbox-vulnerability\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://n0p.me/winbox-bug-dissection/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/45578/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/BasuCert/WinboxPoC\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/BigNerd95/WinboxExploit\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tenable/routeros/tree/master/poc/bytheway\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://n0p.me/winbox-bug-dissection/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/45578/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/45578/\", \"name\": \"45578\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://github.com/BigNerd95/WinboxExploit\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/BasuCert/WinboxPoC\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://n0p.me/winbox-bug-dissection/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/bytheway\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T09:38:13.936Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-14847\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T20:41:33.262103Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-12-01\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-12-01T00:00:00.000Z\", \"value\": \"CVE-2018-14847 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T20:41:20.982Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2018-08-02T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/45578/\", \"name\": \"45578\", \"tags\": [\"exploit\"]}, {\"url\": \"https://github.com/BigNerd95/WinboxExploit\"}, {\"url\": \"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\"}, {\"url\": \"https://github.com/BasuCert/WinboxPoC\"}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\"}, {\"url\": \"https://n0p.me/winbox-bug-dissection/\"}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/bytheway\"}, {\"url\": \"https://mikrotik.com/supportsec/winbox-vulnerability\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-04-28T16:59:41.013Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.exploit-db.com/exploits/45578/\", \"name\": \"45578\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://github.com/BigNerd95/WinboxExploit\", \"name\": \"https://github.com/BigNerd95/WinboxExploit\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\", \"name\": \"https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/BasuCert/WinboxPoC\", \"name\": \"https://github.com/BasuCert/WinboxPoC\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\", \"name\": \"https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\", \"refsource\": \"MISC\"}, {\"url\": \"https://n0p.me/winbox-bug-dissection/\", \"name\": \"https://n0p.me/winbox-bug-dissection/\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tenable/routeros/tree/master/poc/bytheway\", \"name\": \"https://github.com/tenable/routeros/tree/master/poc/bytheway\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-14847\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2018-14847\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:45:49.372Z\", \"dateReserved\": \"2018-08-02T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2018-08-02T07:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

BDU:2018-01357

Vulnerability from fstec - Published: 23.04.2018

Title

Уязвимость компонента Winbox операционной системы RouterOS маршрутизаторов MikroTik, позволяющая нарушителю обойти процедуру аутентификации

Description

Уязвимость компонента Winbox операционной системы RouterOS маршрутизаторов MikroTik вызвана ошибками механизма аутентификации. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить чтение произвольных файлов и обойти процедуру аутентификации

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Vendor

MikroTik

Software Name

RouterOS

Software Version

до 6.42 включительно (RouterOS)

Possible Mitigations

Обновление программного обеспечения до более поздней версии: https://mikrotik.com/download

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-14847#vulnCurrentDescriptionTitle https://xakep.ru/2018/09/05/mikrotik-still-under-attack/ https://habr.com/company/kaspersky/blog/425701/ https://github.com/BasuCert/WinboxPoC https://github.com/BigNerd95/WinboxExploit https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf https://github.com/tenable/routeros/tree/master/poc/bytheway https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847 https://n0p.me/winbox-bug-dissection/ https://www.exploit-db.com/exploits/45578/ https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

CWE

CWE-287

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "MikroTik",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 6.42 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (RouterOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438:\nhttps://mikrotik.com/download",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "23.04.2018",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.11.2018",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2018-01357",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-14847",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "RouterOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "MikroTik RouterOS \u0434\u043e 6.42 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Winbox \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b RouterOS \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 MikroTik, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f (CWE-287)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Winbox \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b RouterOS \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 MikroTik \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2018-14847#vulnCurrentDescriptionTitle\nhttps://xakep.ru/2018/09/05/mikrotik-still-under-attack/\nhttps://habr.com/company/kaspersky/blog/425701/\nhttps://github.com/BasuCert/WinboxPoC\nhttps://github.com/BigNerd95/WinboxExploit\nhttps://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf  \nhttps://github.com/tenable/routeros/tree/master/poc/bytheway\nhttps://github.com/tenable/routeros/tree/master/poc/cve_2018_14847\nhttps://n0p.me/winbox-bug-dissection/\nhttps://www.exploit-db.com/exploits/45578/\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-287",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

FKIE_CVE-2018-14847

Vulnerability from fkie_nvd - Published: 2018-08-02 07:29 - Updated: 2026-06-17 01:41

CISA KEV KEVintel KEV

Severity

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

References

URL	Tags
cve@mitre.org	https://github.com/BasuCert/WinboxPoC	Exploit, Mitigation, Third Party Advisory
cve@mitre.org	https://github.com/BigNerd95/WinboxExploit	Exploit, Mitigation, Third Party Advisory
cve@mitre.org	https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf	Broken Link, Exploit, Third Party Advisory
cve@mitre.org	https://github.com/tenable/routeros/tree/master/poc/bytheway	Exploit, Third Party Advisory
cve@mitre.org	https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847	Exploit, Third Party Advisory
cve@mitre.org	https://mikrotik.com/supportsec/winbox-vulnerability	Vendor Advisory
cve@mitre.org	https://n0p.me/winbox-bug-dissection/	Exploit, Third Party Advisory
cve@mitre.org	https://www.exploit-db.com/exploits/45578/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://github.com/BasuCert/WinboxPoC	Exploit, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/BigNerd95/WinboxExploit	Exploit, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf	Broken Link, Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tenable/routeros/tree/master/poc/bytheway	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://n0p.me/winbox-bug-dissection/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/45578/	Exploit, Third Party Advisory, VDB Entry
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847	US Government Resource

Impacted products

	Vendor	Product	Version
	mikrotik	routeros	*

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "cve@mitre.org"
    }
  ],
  "cisaActionDue": "2022-06-01",
  "cisaExploitAdd": "2021-12-01",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "MikroTik Router OS Directory Traversal Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E5E5C5-AE57-4E80-8405-C12C6D0999EB",
              "versionEndIncluding": "6.42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface."
    },
    {
      "lang": "es",
      "value": "MikroTik RouterOS hasta la versi\u00f3n 6.42 permite que atacante remoto no autenticado lean archivos arbitrarios y que los atacantes autenticados remotos escriban en archivos arbitrarios debido a una vulnerabilidad de salto de directorio en la interfaz WinBox."
    }
  ],
  "id": "CVE-2018-14847",
  "lastModified": "2026-06-17T01:41:44.820",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2018-14847",
          "options": [
            {
              "exploitation": "active"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2025-02-04T20:41:33.262103Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2018-08-02T07:29:00.280",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/BasuCert/WinboxPoC"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/BigNerd95/WinboxExploit"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://mikrotik.com/supportsec/winbox-vulnerability"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://n0p.me/winbox-bug-dissection/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45578/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/BasuCert/WinboxPoC"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/BigNerd95/WinboxExploit"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://n0p.me/winbox-bug-dissection/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45578/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-J583-4CFP-XF9M

Vulnerability from github – Published: 2022-05-14 01:28 – Updated: 2025-10-22 00:31

Details

Severity

9.1 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-14847"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-02T07:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.",
  "id": "GHSA-j583-4cfp-xf9m",
  "modified": "2025-10-22T00:31:36Z",
  "published": "2022-05-14T01:28:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14847"
    },
    {
      "type": "WEB",
      "url": "https://github.com/BasuCert/WinboxPoC"
    },
    {
      "type": "WEB",
      "url": "https://github.com/BigNerd95/WinboxExploit"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
    },
    {
      "type": "WEB",
      "url": "https://mikrotik.com/supportsec/winbox-vulnerability"
    },
    {
      "type": "WEB",
      "url": "https://n0p.me/winbox-bug-dissection"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14847"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45578"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-14847

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-14847

Aliases

CVE-2018-14847

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-14847",
    "description": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.",
    "id": "GSD-2018-14847",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2018-14847"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-14847"
      ],
      "details": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.",
      "id": "GSD-2018-14847",
      "modified": "2023-12-13T01:22:38.457264Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2018-14847",
      "dateAdded": "2021-12-01",
      "dueDate": "2022-06-01",
      "product": "RouterOS",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.",
      "vendorProject": "MikroTik",
      "vulnerabilityName": "MikroTik Router OS Directory Traversal Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-14847",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "45578",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/45578/"
          },
          {
            "name": "https://github.com/BigNerd95/WinboxExploit",
            "refsource": "MISC",
            "url": "https://github.com/BigNerd95/WinboxExploit"
          },
          {
            "name": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf",
            "refsource": "MISC",
            "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
          },
          {
            "name": "https://github.com/BasuCert/WinboxPoC",
            "refsource": "MISC",
            "url": "https://github.com/BasuCert/WinboxPoC"
          },
          {
            "name": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847",
            "refsource": "MISC",
            "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
          },
          {
            "name": "https://n0p.me/winbox-bug-dissection/",
            "refsource": "MISC",
            "url": "https://n0p.me/winbox-bug-dissection/"
          },
          {
            "name": "https://github.com/tenable/routeros/tree/master/poc/bytheway",
            "refsource": "MISC",
            "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.42",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-14847"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://n0p.me/winbox-bug-dissection/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://n0p.me/winbox-bug-dissection/"
            },
            {
              "name": "https://github.com/BigNerd95/WinboxExploit",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Mitigation",
                "Third Party Advisory"
              ],
              "url": "https://github.com/BigNerd95/WinboxExploit"
            },
            {
              "name": "https://github.com/BasuCert/WinboxPoC",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Mitigation",
                "Third Party Advisory"
              ],
              "url": "https://github.com/BasuCert/WinboxPoC"
            },
            {
              "name": "45578",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/45578/"
            },
            {
              "name": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
            },
            {
              "name": "https://github.com/tenable/routeros/tree/master/poc/bytheway",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
            },
            {
              "name": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2019-03-07T14:12Z",
      "publishedDate": "2018-08-02T07:29Z"
    }
  }
}

VAR-201808-0384

Vulnerability from variot - Updated: 2023-12-18 13:43

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. MikroTik RouterOS Contains an authentication vulnerability.Information may be obtained. MikroTik RouterOS is prone to a authentication-bypass vulnerability. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. MikroTik RouterOS version 6.42 and prior versions are vulnerable. MikroTik RouterOS is a routing operating system. Winbox for MikroTik RouterOS is an application for managing MikroTik RouterOS system

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201808-0384",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "routeros",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "mikrotik",
        "version": "6.42"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "mikrotik",
        "version": "6.42"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "6.41.3"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.51"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.50"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.49"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.48"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.47"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.46"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.45"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.44"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.43"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.42"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.41"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "2.9.40"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "6.3"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "6.2"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "5.26"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "5.25"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "5.15"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "5.0"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "4.0"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.2"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.13"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.12"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.11"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.10"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.09"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.08"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.07"
      },
      {
        "model": "routeros",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mikrotik",
        "version": "3.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "105269"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.42",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Qihoo 360 Netlab",
    "sources": [
      {
        "db": "BID",
        "id": "105269"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-14847",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-14847",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-125047",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-14847",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.2,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-14847",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-14847",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-14847",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201808-086",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-125047",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-14847",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-14847"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. MikroTik RouterOS Contains an authentication vulnerability.Information may be obtained. MikroTik RouterOS is prone to a authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass authentication mechanism  and perform unauthorized actions. This may lead to further attacks. \nMikroTik RouterOS version 6.42 and prior versions are vulnerable. MikroTik RouterOS is a routing operating system. Winbox for MikroTik RouterOS is an application for managing MikroTik RouterOS system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "db": "BID",
        "id": "105269"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-14847"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-125047",
        "trust": 0.1,
        "type": "unknown"
      },
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=45578",
        "trust": 0.1,
        "type": "exploit"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-14847"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-14847",
        "trust": 2.9
      },
      {
        "db": "EXPLOIT-DB",
        "id": "45578",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "105269",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "149742",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-97396",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-125047",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-14847",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-14847"
      },
      {
        "db": "BID",
        "id": "105269"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ]
  },
  "id": "VAR-201808-0384",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:43:35.324000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "RouterOS",
        "trust": 0.8,
        "url": "https://mikrotik.com/software"
      },
      {
        "title": "mnk",
        "trust": 0.1,
        "url": "https://github.com/nomiyousafzai/mnk "
      },
      {
        "title": "Y",
        "trust": 0.1,
        "url": "https://github.com/etc-i/y "
      },
      {
        "title": "PocWinbox",
        "trust": 0.1,
        "url": "https://github.com/alamsyahh15/pocwinbox "
      },
      {
        "title": "hackwifi",
        "trust": 0.1,
        "url": "https://github.com/ridwan-aplikom/hackwifi "
      },
      {
        "title": "CVE-2018-14847",
        "trust": 0.1,
        "url": "https://github.com/yukar1z0e/cve-2018-14847 "
      },
      {
        "title": "winbox",
        "trust": 0.1,
        "url": "https://github.com/spot-summers/winbox "
      },
      {
        "title": "w",
        "trust": 0.1,
        "url": "https://github.com/thamirk/exploitr "
      },
      {
        "title": "Python-MikrotikLoginExploit",
        "trust": 0.1,
        "url": "https://github.com/sinichi449/python-mikrotikloginexploit "
      },
      {
        "title": "WinBox_Exploit",
        "trust": 0.1,
        "url": "https://github.com/rainardhuman/winbox_exploit "
      },
      {
        "title": "WinboxExploit",
        "trust": 0.1,
        "url": "https://github.com/msterusky/winboxexploit "
      },
      {
        "title": "WinboxExploitMikrotik",
        "trust": 0.1,
        "url": "https://github.com/firmanandriansyah/winboxexploitmikrotik "
      },
      {
        "title": "WinboxExploit",
        "trust": 0.1,
        "url": "https://github.com/ferib/winboxexploit "
      },
      {
        "title": "MkCheck",
        "trust": 0.1,
        "url": "https://github.com/s1l3nt78/mkcheck "
      },
      {
        "title": "WinboxPoC",
        "trust": 0.1,
        "url": "https://github.com/acengerz/winboxpoc "
      },
      {
        "title": "Cracker-Winbox",
        "trust": 0.1,
        "url": "https://github.com/octha-droiidxz/cracker-winbox "
      },
      {
        "title": "MikroRoot",
        "trust": 0.1,
        "url": "https://github.com/remix30303/mikroroot "
      },
      {
        "title": "WinboxPoC",
        "trust": 0.1,
        "url": "https://github.com/basucert/winboxpoc "
      },
      {
        "title": "MkCheck",
        "trust": 0.1,
        "url": "https://github.com/7dbc/mkcheck "
      },
      {
        "title": "ecko",
        "trust": 0.1,
        "url": "https://github.com/eckoxxx/ecko "
      },
      {
        "title": "w",
        "trust": 0.1,
        "url": "https://github.com/thamirk/rxtxw "
      },
      {
        "title": "WinboxPoc",
        "trust": 0.1,
        "url": "https://github.com/exploit747/winboxpoc "
      },
      {
        "title": "Wifi-Hack",
        "trust": 0.1,
        "url": "https://github.com/mrzynox/wifi-hack "
      },
      {
        "title": "PoC",
        "trust": 0.1,
        "url": "https://github.com/jie-geng/poc "
      },
      {
        "title": "WinboxPoC",
        "trust": 0.1,
        "url": "https://github.com/elacengerz/winboxpoc "
      },
      {
        "title": "Mikrotik-router-hack",
        "trust": 0.1,
        "url": "https://github.com/hacker30468/mikrotik-router-hack "
      },
      {
        "title": "sapulidi",
        "trust": 0.1,
        "url": "https://github.com/dedesundara/sapulidi "
      },
      {
        "title": "Winbox-Poc-With-Launcher",
        "trust": 0.1,
        "url": "https://github.com/authenticweebs/winbox-poc-with-launcher "
      },
      {
        "title": "CVE-2018-14847",
        "trust": 0.1,
        "url": "https://github.com/jas502n/cve-2018-14847 "
      },
      {
        "title": "WinboxPoC",
        "trust": 0.1,
        "url": "https://github.com/notfound-git/winboxpoc "
      },
      {
        "title": "darksplitz",
        "trust": 0.1,
        "url": "https://github.com/koboi137/darksplitz "
      },
      {
        "title": "awesome-cyber-security",
        "trust": 0.1,
        "url": "https://github.com/xrkk/awesome-cyber-security "
      },
      {
        "title": "Cyber-Security_Collection",
        "trust": 0.1,
        "url": "https://github.com/rakhithjk/cyber-security_collection "
      },
      {
        "title": "Exp101tsArchiv30thers",
        "trust": 0.1,
        "url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers "
      },
      {
        "title": "awesome-cve-poc_qazbnm456",
        "trust": 0.1,
        "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
      },
      {
        "title": "CVE-POC",
        "trust": 0.1,
        "url": "https://github.com/0xt11/cve-poc "
      },
      {
        "title": "PoC-in-GitHub",
        "trust": 0.1,
        "url": "https://github.com/nomi-sec/poc-in-github "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/huawei-router-default-credential/140234/"
      },
      {
        "title": "The Register",
        "trust": 0.1,
        "url": "https://www.theregister.co.uk/2018/10/11/tenable_mikrotik_bugs/"
      },
      {
        "title": "The Register",
        "trust": 0.1,
        "url": "https://www.theregister.co.uk/2018/09/27/fancy_bear_modules/"
      },
      {
        "title": "BleepingComputer",
        "trust": 0.1,
        "url": "https://www.bleepingcomputer.com/news/security/over-3-700-mikrotik-routers-abused-in-cryptojacking-campaigns/"
      },
      {
        "title": "The Register",
        "trust": 0.1,
        "url": "https://www.theregister.co.uk/2018/09/04/mikrotik_routers_pwned/"
      },
      {
        "title": "BleepingComputer",
        "trust": 0.1,
        "url": "https://www.bleepingcomputer.com/news/security/thousands-of-compromised-mikrotik-routers-send-traffic-to-attackers/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-14847"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-287",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "https://www.exploit-db.com/exploits/45578/"
      },
      {
        "trust": 2.1,
        "url": "https://github.com/basucert/winboxpoc"
      },
      {
        "trust": 2.1,
        "url": "https://github.com/bignerd95/winboxexploit"
      },
      {
        "trust": 2.1,
        "url": "https://n0p.me/winbox-bug-dissection/"
      },
      {
        "trust": 1.8,
        "url": "https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway"
      },
      {
        "trust": 1.8,
        "url": "https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14847"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14847"
      },
      {
        "trust": 0.3,
        "url": "https://blog.netlab.360.com/7500-mikrotik-routers-are-forwarding-owners-traffic-to-the-attackers-how-is-yours-en/"
      },
      {
        "trust": 0.3,
        "url": "http://www.mikrotik.com/"
      },
      {
        "trust": 0.3,
        "url": "https://mikrotik.com/download"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/22.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/nomiyousafzai/mnk"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-14847"
      },
      {
        "db": "BID",
        "id": "105269"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-14847"
      },
      {
        "db": "BID",
        "id": "105269"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-08-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "date": "2018-08-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-14847"
      },
      {
        "date": "2018-08-02T00:00:00",
        "db": "BID",
        "id": "105269"
      },
      {
        "date": "2018-10-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "date": "2018-08-02T07:29:00.280000",
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "date": "2018-08-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-125047"
      },
      {
        "date": "2019-03-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-14847"
      },
      {
        "date": "2018-08-02T00:00:00",
        "db": "BID",
        "id": "105269"
      },
      {
        "date": "2018-10-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      },
      {
        "date": "2019-03-07T14:12:53.707000",
        "db": "NVD",
        "id": "CVE-2018-14847"
      },
      {
        "date": "2019-03-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "MikroTik RouterOS Authentication vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008866"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-086"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-14847 (GCVE-0-2018-14847)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Successful Exploitation Confidence: 70% Source: kevintel

Details

References

BDU:2018-01357

FKIE_CVE-2018-14847

GHSA-J583-4CFP-XF9M

GSD-2018-14847

VAR-201808-0384

Tags

Sightings

Nomenclature