Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-14847
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Winbox for MikroTik RouterOS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MikroTik RouterOS是一套路由操作系统。Winbox for MikroTik RouterOS是一个用于管理MikroTik RouterOS系统的应用程序。 Winbox for MikroTik RouterOS 6.42及之前版本中存在安全漏洞。远程攻击者可通过修改请求利用该漏洞绕过身份验证并读取任意文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2018-14847
#POC DescriptionSource LinkShenlong Link
1Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847)https://github.com/BasuCert/WinboxPoCPOC Details
2C# implementation of BasuCert/WinboxPoC [Winbox Critical Vulnerability (CVE-2018-14847)]https://github.com/msterusky/WinboxExploitPOC Details
3Automated version of CVE-2018-14847 (MikroTik Exploit)https://github.com/syrex1013/MikroRootPOC Details
4MikroTik RouterOS Winbox未经身份验证的任意文件读/写漏洞https://github.com/jas502n/CVE-2018-14847POC Details
5 Mass MikroTik WinBox Exploitation tool, CVE-2018-14847 https://github.com/mahmoodsabir/mikrotik-beastPOC Details
6Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847) https://github.com/Tr33-He11/winboxPOCPOC Details
7PoC of CVE-2018-14847 Mikrotik Vulnerability using simple scripthttps://github.com/sinichi449/Python-MikrotikLoginExploitPOC Details
8Nonehttps://github.com/yukar1z0e/CVE-2018-14847POC Details
9This is a proof of concept of the critical WinBox vulnerability (CVE-2018-14847) which allows for arbitrary file read of plain text passwords. The vulnerability has long since been fixed, so this project has ended and will not be supported or updated anymore. You can fork it and update it yourself instead.https://github.com/hacker30468/Mikrotik-router-hackPOC Details
10By the Way is an exploit that enables a root shell on Mikrotik devices running RouterOS versions:https://github.com/babyshen/routeros-CVE-2018-14847-bythewayPOC Details
11Nonehttps://github.com/K3ysTr0K3R/CVE-2018-14847-EXPLOITPOC Details
12This is a proof of concept of the critical WinBox vulnerability (CVE-2018-14847) which allows for arbitrary file read of plain text passwords. The vulnerability has long since been fixed, so this project has ended and will not be supported or updated anymore. You can fork it and update it yourself instead.https://github.com/tausifzaman/CVE-2018-14847POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2018-14847
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n/a
Same vendor: n/a
V. Comments for CVE-2018-14847

No comments yet

Leave a comment