Описание
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
9.1 Critical
CVSS3
7.2 High
CVSS3
Дефекты
Связанные уязвимости
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.
Уязвимость интерфейсов Winbox и HTTP операционной системы RouterOS маршрутизаторов MikroTik, позволяющая нарушителю повысить свои привилегии до уровня Super Admin
EPSS
9.1 Critical
CVSS3
7.2 High
CVSS3