CVE-2018-1159: A memory corruption in the the attacker must known the username and password set up on the device, and that’s the reason why routers with default credentials are easy targets.CVE-2018-1158: A recursive JSON parsing stack exhaustion flaw that could cause a crash of the www service.CVE-2018-1157: A file upload memory exhaustion that cause the www binary to consume all memory.
MIKROTIK ROUTEROS BASED BOTNET CODE
CVE-2018-1156: A stack buffer overflow flaw that could allow remote code execution.The four vulnerabilities discovered by Tenable researcher Jacob Baines are: Mikrotik’s routers were among those targeted by the VPNFilter malware and in an extensive cryptojacking campaign flagged a few months ago. “Based on Shodan analysis, there are hundreds of thousands of Mikrotik deployments worldwide, with strong concentrations in Brazil, Indonesia, China, the Russian Federation and India,” the researchers noted.
MikroTik is headquartered in Riga, Latvia, and routers they manufacture are used by ISPs providers across the world. If you own a MikroTik router and you haven’t updated its RouterOS in the last month, you should do so now: Tenable Research has released details about four vulnerabilities they found in the OS, including an authenticated remote code execution flaw that can be leveraged against routers with default credentials.
0 kommentar(er)
