Web service vulnerability

30th May, 2018 | Security

This post summerizes the facts around the www service vulnerability in RouterOS which was published by Wikileaks as part of the Vault 7 document release. The vulnerability affected the RouterOS webfig configuration interface, if no firewall was put in place to protect it. MikroTik fixed the vulnerability in the… Full story

CVE-2018-14847 winbox vulnerability

25th Mar, 2018 | Security

This post summarises the Winbox server vulnerability in RouterOS, discovered and fixed in RouterOS on April 23, 2018. Note that although Winbox was used as point of attack, the vulnerabilitty was in RouterOS. This issue was later assigned a universal identifier CVE-2018-14847. How it works: The vulnerability allowed a special… Full story

Newer posts →