Vulnerabilities In RouterOS Used In MikroTik Routers
A researcher at Tenable has discovered several vulnerabilities in MikroTik routers. Specifically, he found four different security flaws in RouterOS that could expose the devices to attack.
Jacob Baines, the Tenable researcher, found that MikroTik's operating system, RouterOS, had four different security flaws. These include a remote code execution vulnerability (CVE-2018-1156), a file upload memory exhaustion flaw (CVE-2018-1157), a recursive JSON parsing stack exhaustion flaw (CVE-2018-1158), and a www memory corruption flaw (CVE-2018-1159).
Although these vulnerabilities differ, they have one thing in common: all of them require legitimate user credentials for authentication before they can be exploited. While all four vulnerabilities were dangerous, the RCE flaw was classed as critical, as it could allow a remote attacker to gain full control over the target system. As stated in Tenable's advisory regarding these vulnerabilities,
“If the authenticated RCE vulnerability (CVE-2018-1156) is used against routers with default credentials, an attacker can potentially gain full system access, granting them the ability to divert and reroute traffic and gain access to any internal system that uses the router.”
POC For A Previous Directory Traversal Vulnerability
Baines also discovered a new attack method that turns the previously medium-severity bug (CVE-2018-14847) into a critical one. After gaining access to the system by exploiting this bug, an attacker could execute arbitrary code and upload malware. As Baines told Threatpost,
“By exploiting the flaw, the remote attacker can get a root shell on the device as well as bypass the router’s firewall, gain access to the internal network, and even load malware onto victims’ systems undetected.”