### [CVE-2018-14847](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14847)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.

### POC

#### Reference
- https://github.com/BasuCert/WinboxPoC
- https://github.com/BigNerd95/WinboxExploit
- https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf
- https://github.com/tenable/routeros/tree/master/poc/bytheway
- https://github.com/tenable/routeros/tree/master/poc/cve_2018_14847
- https://www.exploit-db.com/exploits/45578/

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Acengerz/WinboxPoC
- https://github.com/AsrafulDev/winboxbug
- https://github.com/BasuCert/WinboxPoC
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/ElAcengerz/WinboxPoC
- https://github.com/GhostTroops/TOP
- https://github.com/ImranTheThirdEye/MikroTik-Check
- https://github.com/JERRY123S/all-poc
- https://github.com/Jie-Geng/PoC
- https://github.com/K3ysTr0K3R/CVE-2018-14847-EXPLOIT
- https://github.com/K3ysTr0K3R/K3ysTr0K3R
- https://github.com/MRZyNoX/Wifi-Hack
- https://github.com/NozomiNetworks/pywinbox
- https://github.com/Octha-DroiidXz/Cracker-Winbox
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PuguhDy/0-day-exploit-Mikrotik
- https://github.com/RainardHuman/WinBox_Exploit
- https://github.com/Ratlesv/LadonGo
- https://github.com/Tr33-He11/winboxPOC
- https://github.com/ahmadyusuf23/Mikrotik-Exploit
- https://github.com/alamsyahh15/PocWinbox
- https://github.com/babyshen/routeros-CVE-2018-14847-bytheway
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/daren48842/daren48841
- https://github.com/dedesundara/sapulidi
- https://github.com/developershakil260/winboxbug
- https://github.com/eckoxxx/ecko
- https://github.com/eclypsium/mikrotik_meris_checker
- https://github.com/etc-i/Y
- https://github.com/exploit747/WinboxPoc
- https://github.com/ferib/WinboxExploit
- https://github.com/firmanandriansyah/WinboxExploitMikrotik
- https://github.com/gladiopeace/awesome-stars
- https://github.com/hacker30468/Mikrotik-router-hack
- https://github.com/hktalent/TOP
- https://github.com/jas502n/CVE-2018-14847
- https://github.com/jbmihoub/all-poc
- https://github.com/johnoseni1/Router-hacker-Exploit-and-extract-user-and-password-
- https://github.com/jphasibuan23/Tes
- https://github.com/k8gege/Ladon
- https://github.com/k8gege/LadonGo
- https://github.com/lnick2023/nicenice
- https://github.com/mahmoodsabir/mikrotik-beast
- https://github.com/msterusky/WinboxExploit
- https://github.com/nomiyousafzai/mnk
- https://github.com/notfound-git/WinboxPoC
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/retr0-13/mikrotik_meris_checker
- https://github.com/ridwan-aplikom/hackwifi
- https://github.com/shengshengli/LadonGo
- https://github.com/sinichi449/Python-MikrotikLoginExploit
- https://github.com/sponkmonk/Ladon_english_update
- https://github.com/spot-summers/winbox
- https://github.com/syrex1013/MikroRoot
- https://github.com/u53r55/darksplitz
- https://github.com/vickysanthosh/routersploit
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whiterabb17/MkCheck
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/yukar1z0e/CVE-2018-14847