MikroTik router vulnerability lets hackers bypass firewall to load malware undetected
The vulnerability, identified as CVE-2018-14847, is an old directory traversal flaw, which was patched the same day it was detected in April, 2018. It is being touted as a much more dangerous flaw than it is being perceived.
Initially, the vulnerability was rated as of medium severity and researchers believed it affected Winbox management component and a GUI application for Windows in the RouterOS software for MikroTik devices. RouterOS software powers the company’s business-grade RouterBOARD brand and ISP/carrier-grade gear.
However, later it was categorized as critical because of the identification of new hacking technique that allowed attackers to carry out remote code execution on affected devices to obtain a root shell...Read More…