MikroTik RouterOS Winbox Unauthenticated Arbitrary File Read Vulnerability

High Nessus Plugin ID 117335

Synopsis

The remote networking device is affected by an unauthenticated arbitrary file read vulnerability.

Description

The remote networking device is running a version of MikroTik RouterOS affected by an unauthenticated arbitrary file read vulnerability. Nessus was able to exploit this vulnerability to retrieve the device's credential store.

Solution

Upgrade to MikroTik RouterOS 6.40.8 / 6.42.1 / 6.43rc4 or later.
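A version check against this advisory's fix list, added here as an example and not part of the Nessus plugin: it parses RouterOS version strings (including rc builds) and treats a device as fixed only if it is at or above the fix for its own release branch or in a branch newer than any listed fix. Treating unlisted branches such as 6.41.x as still vulnerable is this example's assumption, and the host inventory is constructed.

```python
import re

# Fixed versions from the plugin's Solution, one per RouterOS release branch.
FIXED_VERSIONS = ("6.40.8", "6.42.1", "6.43rc4")

# Constructed sample inventory (host -> RouterOS version reported by the device).
SAMPLE_INVENTORY = {
    "gw-branch-01": "6.40.7",  # long-term branch, below the 6.40.8 fix
    "gw-branch-02": "6.41.2",  # branch with no listed fix
    "gw-core-01": "6.42.1",    # stable branch, exactly the fix
    "gw-lab-01": "6.43rc3",    # rc build below 6.43rc4
    "gw-lab-02": "6.44",       # later branch than any listed fix
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:rc(\d+))?$")

def parse_version(text):
    """Turn a RouterOS version string into a comparable tuple
    (major, minor, patch, is_release, rc). Release builds carry is_release=1,
    so 6.43rc3 < 6.43rc4 < 6.43 < 6.43.1 sorts correctly."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised RouterOS version: %r" % text)
    major, minor, patch, rc = m.groups()
    patch = int(patch) if patch else 0
    if rc is not None:
        return (int(major), int(minor), patch, 0, int(rc))
    return (int(major), int(minor), patch, 1, 0)

def is_vulnerable(version):
    """True if `version` is below the fix for its own branch (CVE-2018-14847).
    Assumption: a branch with no listed fix (e.g. 6.41.x) is vulnerable, and
    any branch newer than the newest fixed branch is fixed. A naive check
    against the lowest fixed version alone would wrongly clear 6.41.2."""
    v = parse_version(version)
    fixes = [parse_version(f) for f in FIXED_VERSIONS]
    if v[:2] > max(f[:2] for f in fixes):
        return False
    for f in fixes:
        if v[:2] == f[:2]:
            return v < f
    return True

def vulnerable_hosts(inventory):
    """Sorted hosts whose reported version is still vulnerable."""
    return sorted(h for h, ver in inventory.items() if is_vulnerable(ver))
```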

See Also

https://github.com/BasuCert/WinboxPoC

https://n0p.me/winbox-bug-dissection/

https://blog.mikrotik.com/security/winbox-vulnerability.html

Plugin Details

Severity: High

ID: 117335

File Name: mikrotik_cve_2018-14847.nasl

Version: 1.2

Type: remote

Family: Misc.

Published: 2018/09/06

Modified: 2018/09/17

Dependencies: 59731

Risk Information

Risk Factor: High

CVSS Score Source: manual

CVSS Score Rationale: NVD score unavailable. Unauthenticated arbitrary file read.

CVSSv2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSSv3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/o:mikrotik:routeros

Patch Publication Date: 2018/04/23

Vulnerability Publication Date: 2018/04/23

Reference Information

CVE: CVE-2018-14847