Back to KEVs

CVE-2018-14847

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write...

Basic Information

CVE State: PUBLISHED
Reserved Date: August 02, 2018
Published Date: August 02, 2018
Last Updated: February 04, 2025
Vendor: MikroTik
Product: RouterOS
Description: MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Tags

CVSS Scores

CVSS v3.1

9.1 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS v2.0

6.4

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2021-12-01 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2025-04-16 18:37:08 UTC) Source

References

https://www.exploit-db.com/exploits/45578/ https://github.com/BigNerd95/WinboxExploit https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf https://github.com/BasuCert/WinboxPoC https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847 https://n0p.me/winbox-bug-dissection/ https://github.com/tenable/routeros/tree/master/poc/bytheway

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-12-01 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Nessus	https://www.tenable.com/plugins/nessus/502066	2025-06-02 13:59:12 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

tausifzaman/CVE-2018-14847

Type: github • Created: 2025-04-16 18:37:08 UTC • Stars: 0

This is a proof of concept of the critical WinBox vulnerability (CVE-2018-14847) which allows for arbitrary file read of plain text passwords. The vulnerability has long since been fixed, so this project has ended and will not be supported or updated anymore. You can fork it and update it yourself instead.

K3ysTr0K3R/CVE-2018-14847-EXPLOIT

Type: github • Created: 2024-04-22 22:33:25 UTC • Stars: 2

A PoC exploit for CVE-2018-14847 - MikroTik WinBox File Read

babyshen/routeros-CVE-2018-14847-bytheway

Type: github • Created: 2022-10-31 06:38:11 UTC • Stars: 4

By the Way is an exploit that enables a root shell on Mikrotik devices running RouterOS versions:

yukar1z0e/CVE-2018-14847

Type: github • Created: 2020-04-29 01:40:33 UTC • Stars: 1

jas502n/CVE-2018-14847

Type: github • Created: 2018-12-15 10:38:26 UTC • Stars: 27

MikroTik RouterOS Winbox未经身份验证的任意文件读/写漏洞

Timeline

CVE ID Reserved

August 02, 2018
CVE Published to Public

August 02, 2018
Added to KEVIntel

December 01, 2021
Proof of Concept Exploit Available

April 16, 2025
Detected by Nessus

June 02, 2025