Fresh from DerbyCon/Jacob Barnes:
"Hey @derbycon if you didn't wake up early enough to catch my talk, I just dropped a variation on CVE-2018-14847 that allows attackers to remotely root a Mikrotik router: "
https://github.com/tenable/routeros/tree/master/poc/bytheway
This was patched months ago. Just another exploit for an old vuln.
On Oct 7, 2018, 10:05 -0400, John Ricketts john@quintex.com, wrote:
> Fresh from DerbyCon/Jacob Barnes:
> "Hey @derbycon if you didn't wake up early enough to catch my talk, I just dropped a variation on CVE-2018-14847 that allows attackers to remotely root a Mikrotik router: "
> https://github.com/tenable/routeros/tree/master/poc/bytheway
Correct, this was patched months ago. But surprisingly there are still a s***load of ppl out there that don’t patch or secure their routers/equipment. The posts I see almost daily about wisps whining that their network is hacked or routers are doing funny stuff is appalling...
Ruben - ON3RVH
On 7 Oct 2018, at 17:39, Danny Messano (drmessano) drmessano@gmail.com wrote:
> This was patched months ago. Just another exploit for an old vuln.
> On Oct 7, 2018, 10:05 -0400, John Ricketts john@quintex.com, wrote:
>> Fresh from DerbyCon/Jacob Barnes:
>> "Hey @derbycon if you didn't wake up early enough to catch my talk, I just dropped a variation on CVE-2018-14847 that allows attackers to remotely root a Mikrotik router: "
>> https://github.com/tenable/routeros/tree/master/poc/bytheway
On 07.10.2018 17:50, Ruben ON3RVH wrote:
> Correct, this was patched months ago. But surprisingly there are still a s***load of ppl out there that don’t patch or secure their routers/equipment. The posts I see almost daily about wisps whining that their network is hacked or routers are doing funny stuff is appalling...
That is understandable as each Mikrotik upgrade is like you are attacking your own router. It is rare that it goes on without breaking something.
My experience is that even basic configuration breaks after upgrades.
I personally stay on the bugfix version and never had any troubles upgrading. But that is also why you need a lab environment to test things out before going to production.
Just me .02$ ;)
Ruben - ON3RVH
On 7 Oct 2018, at 22:49, Pedja YT9TP yt9tp@uzice.net wrote:
> On 07.10.2018 17:50, Ruben ON3RVH wrote:
>> Correct, this was patched months ago. But surprisingly there are still a s***load of ppl out there that don’t patch or secure their routers/equipment. The posts I see almost daily about wisps whining that their network is hacked or routers are doing funny stuff is appalling...
> That is understandable as each Mikrotik upgrade is like you are attacking your own router. It is rare that it goes on without breaking something.
> My experience is that even basic configuration breaks after upgrades.
> -- 73, Pedja YT9TP
> Checkout: https://pedja.supurovic.net/ https://yu1abh.uzice.net/ https://www.facebook.com/yu1abh/ https://www.facebook.com/groups/yu1abh.konstruktori/ http://www.radio-amater.rs/
> 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
It was mentioned it was a variation. I'm going to try it.
On Oct 7, 2018, at 10:40, Danny Messano (drmessano) drmessano@gmail.com wrote:
> This was patched months ago. Just another exploit for an old vuln.
> On Oct 7, 2018, 10:05 -0400, John Ricketts john@quintex.com, wrote:
>> Fresh from DerbyCon/Jacob Barnes:
>> "Hey @derbycon if you didn't wake up early enough to catch my talk, I just dropped a variation on CVE-2018-14847 that allows attackers to remotely root a Mikrotik router: "
>> https://github.com/tenable/routeros/tree/master/poc/bytheway
This was announced yesterday at DerbyCon, by someone I respect quite a bit. I will let you know my results. Please note this is a variation on the existing known vulnerability, CVE-2018-14847, which was August 2, 2018.
On Oct 7, 2018, at 10:40, Danny Messano (drmessano) drmessano@gmail.com wrote:
> This was patched months ago. Just another exploit for an old vuln.
> On Oct 7, 2018, 10:05 -0400, John Ricketts john@quintex.com, wrote:
>> Fresh from DerbyCon/Jacob Barnes:
>> "Hey @derbycon if you didn't wake up early enough to catch my talk, I just dropped a variation on CVE-2018-14847 that allows attackers to remotely root a Mikrotik router: "
>> https://github.com/tenable/routeros/tree/master/poc/bytheway