MikroTik planned to release a fix in the next release on Maand asked Core to do not reveal the details of the flaw. The researchers published a proof of concept exploit code that works with MikroTik’s x86 Cloud Hosted Router.Ĭore first reported the flaw to MikroTik on February 19, 2018. “The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it.” Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.” reads the advisory published by the company. “A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. The vulnerability, tracked as CVE-2018-7445, could be exploited by a remote attacker with access to the service to execute arbitrary code on the system. MikroTik is a Latvian vendor that produce routers used by many telco companies worldwide that run RouterOS Linux-based operating system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |