
Patched MikroTik router bug more dangerous than originally believed


A patched vulnerability in MikroTik routers that researchers once believed could only be exploited to read affected files turns out to be far more serious, as it can also allow attackers to write over these same files.

That means the vulnerability, known as directory traversal bug CVE-2018-14847, can actually be abused to commit remote code execution, warned Tenable researcher Jacob Baines, who discovered the new twist on the flaw and detailed his findings this past weekend at the Derbycon computer security conference in Louisville, Ky.

According to NIST's National Vulnerability Database, the issue is located in the Winbox utility component of MikroTik RouterOS through 6.42. The bug "allows remote attackers to bypass authentication and read arbitrary files by modifying a request to change one byte related to a Session ID," the NVD entry says.
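The NVD entry classifies the flaw as directory traversal: a client-supplied path reaches the file layer without being confined to the directory the service is meant to expose. The following is an added example, not code from the article, from Tenable or from MikroTik, and it says nothing about how Winbox itself handles paths. It contrasts a naive join-and-normalize (the pattern that lets `..` segments walk out of the base directory) with a guard that normalizes first and then verifies the result still lies under the base. The base directory `/srv/files` and the request strings are constructed for the illustration.

```python
import posixpath

# Constructed example root: the only directory the file-serving layer may touch.
# Hypothetical value; it is not a MikroTik or Winbox path.
EXAMPLE_BASE = "/srv/files"


class PathTraversalError(ValueError):
    """Raised when a requested path would escape the configured base directory."""


def naive_join(base_dir: str, requested: str) -> str:
    """The vulnerable pattern: join, normalize, and trust the result.

    '..' segments survive the join and are collapsed by normpath, so a request
    such as '../../etc/passwd' resolves to a path far outside base_dir.
    """
    return posixpath.normpath(posixpath.join(base_dir, requested))


def resolve_within(base_dir: str, requested: str) -> str:
    """Resolve a client-supplied relative path and refuse anything outside base_dir.

    Works on POSIX path syntax only, so it is deterministic without touching the
    filesystem. A real implementation should additionally realpath() the result
    so symlinks inside base_dir cannot point back outside it.
    """
    base = posixpath.normpath(base_dir)

    # Embedded NULs and backslashes have no legitimate place in a request and
    # are classic ways to confuse a later C-level open(); reject them outright.
    if "\x00" in requested or "\\" in requested:
        raise PathTraversalError(f"malformed path: {requested!r}")

    # Absolute requests would override the base on join; do not silently strip
    # the slash, reject them so the caller sees the attempt.
    if requested.startswith("/"):
        raise PathTraversalError(f"absolute path not allowed: {requested!r}")

    candidate = posixpath.normpath(posixpath.join(base, requested))

    # After normalization the candidate must be the base itself or live under
    # it. The trailing slash in the prefix test stops '/srv/files2' from
    # passing as a child of '/srv/files'.
    if candidate != base and not candidate.startswith(base + "/"):
        raise PathTraversalError(f"path escapes {base}: {requested!r}")
    return candidate


def is_safe_request(base_dir: str, requested: str) -> bool:
    """Boolean wrapper around resolve_within for filtering or logging."""
    try:
        resolve_within(base_dir, requested)
        return True
    except PathTraversalError:
        return False


def audit_requests(base_dir: str, requests: list[str]) -> dict[str, str]:
    """Classify a batch of requested paths; useful when reviewing access logs."""
    return {
        req: "allowed" if is_safe_request(base_dir, req) else "rejected"
        for req in requests
    }


if __name__ == "__main__":
    # Constructed sample requests, mixing benign lookups with traversal attempts.
    sample = ["docs/readme.txt", "docs/../readme.txt", "../../etc/passwd", "/etc/passwd"]
    for req, verdict in audit_requests(EXAMPLE_BASE, sample).items():
        print(f"{verdict:8s} {req!r:24s} naive -> {naive_join(EXAMPLE_BASE, req)}")
```

The `naive_join` output in the last column is the point of the exercise: both functions see the same bytes, but only `resolve_within` compares the normalized result against the base before returning it. The same check applies whether the path is used for a read or a write, which is why a traversal bug that reaches a write path is the more serious case.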

But as initially reported by Threatpost, Baines found the flaw can be further exploited to obtain root shell access, bypass router firewall protections, create a backdoor into the network, and write code or load malware. This essentially allows attackers who exploit the flaw to take full control of the computer, Baines confirmed with SC Media in a brief interview.

More details on Baines' discovery, including his Derbycon presentation slides and proof-of-concept code, can be found on Tenable's public GitHub page.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts, and video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.
