MikroTik RouterOS up to and including 6.42 allows unauthenticated remote malicious users to read arbitrary files and remote authenticated malicious users to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mikrotik routeros |
MikroTik. Stupid name. Stupid bugs. Get those fixes MikroTik routers grab their pickaxes, descend into the crypto mines
If you haven't installed a batch of patches for bugs in your MikroTik routers – and two thirds of owners apparently haven't – then stiffen the sinews and summon up the blood: you really need to update your firmware. The vulnerabilities, which were addressed by the manufacturer way back in August in software updates, can lead all the way up to remote code execution (RCE) if exploited. We're told that roughly 68 per cent of vulnerable MikroTik gear facing the internet remain unpatched, though....
Talos turns up obfuscation, lateral attacks, and proxies
Cunning malware VPNFilter remains under active development, and is acquiring ever more dangerous features. That's the conclusion Cisco's Talos Intelligence security team reached after delving into recent samples and identifying seven “third-stage VPNFilter modules that add significant functionality to the malware”. VPNFilter rose to prominence in May, when Talos found half a million pwned home routers and NAS boxes in 54 countries. The FBI attributed the attacks to Russia's Sofacy group (“...
Researchers uncover botnet malware pouncing on security holes MikroTik routers grab their pickaxes, descend into the crypto mines
More than 7,500 Mikrotik routers have been compromised with malware that logs and transmits network traffic data to an unknown control server. This is according to researchers from 360 Netlab, who found the routers had all been taken over via an exploit for CVE-2018-14847, a vulnerability first disclosed in the Vault7 data dump of supposed CIA hacking tools. Since mid-July, Netlab said, attackers have looked to exploit the flaw and enlist routers to do things like force connected machines to min...
Get our weekly newsletter Thanks... Micro... soft... OK, there, we said it
Microsoft has published a tool that scans for and detects MikroTik-powered Internet-of-Things devices that have been hijacked by the Trickbot gang. The open-source scanner comes after an investigation by Redmond's Defender for IoT research team into how the nefarious malware crew takes over MikroTik routers and sets them up to funnel communications to and from Trickbot-infected computers on the network and the criminals' backend servers. In a release note this week, Microsoft's security team out...