Tenable Research’s cybersecurity researcher has released “By the Way,” a new PoC (proof-of-concept) RCE attack, after identifying a new attack method to exploit an already discovered vulnerability in MikroTik routers.

The vulnerability, identified as CVE-2018-14847, is an old directory traversal flaw, which was patched the same day it was detected in April 2018. It is being touted as a much more dangerous flaw than it was previously perceived to be.

Initially, the vulnerability was rated as medium severity, and researchers believed it affected the Winbox management component and a GUI application for Windows in the RouterOS software for MikroTik devices. RouterOS software powers the company’s business-grade RouterBOARD brand and ISP/carrier-grade gear. However, it was later categorized as critical because of the identification of a new hacking technique that allowed attackers to carry out remote code execution on affected devices to obtain a root shell.

The new attack identified by Jacob Baines works on MikroTik’s edge and consumer routers. Needless to say, it poses yet another serious threat to the MikroTik router family, which is already exposed to a variety of other issues including cryptojacking and network snooping. Tenable Research revealed the new findings at DerbyCon 8.0, held in Louisville, Kentucky, on Sunday. In a blog post published soon after the presentation at DerbyCon, Tenable Research explained the consequences of the newly identified attack method:

“By exploiting the flaw, the remote attacker can get a root shell on the device as well as bypass the router’s firewall, gain access to the internal network, and even load malware onto victims’ systems undetected.”

The flaw is linked to a Winbox Any Directory File. It allows attackers to read files flowing through the router without any verification. Moreover, it allows an attacker to write files to the router. The read flaw was fixed in April but the write flaw hasn’t been patched yet.

“The licupgr binary has an sprintf that an authenticated user can use to trigger a stack buffer overflow.