Mikrotik RouterOS Telnet Arbitrary Root File Creation

Posted by deepcore on December 16, 2018 – 3:00 am

An exploitable arbitrary file creation weakness has been identified in Mikrotik RouterOS that can be leveraged by a malicious attacker to exploit all known versions of Mikrotik RouterOS. The RouterOS contains a telnet client based on GNU inetutils with modifications to remove shell subsystem. However an attacker can leverage the “set tracefile” option to write an arbitrary file into any “rw” area of the filesystem, escaping the restricted shell to gain access to a “ash” busybox shell on some versions. The file is created with root privileges regardless of the RouterOS defined group.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Facebook And Google Reviews System For Businesses 1.1 SQL Injection Huawei Router HG532e Command Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Mikrotik RouterOS Telnet Arbitrary Root File Creation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL