CVE-2018-14847 - MikroTik Router OS Directory Traversal Vulnerability
Project:MikroTik
Product:RouterOS
Date Added:2021-12-01Due Date:2022-06-01
Vulnerability Name
MikroTik Router OS Directory Traversal Vulnerability
Description
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-14847