CVE-2018-14847
MikroTik Router OS Directory Traversal Vulnerability
CVSS
—
No CVSS
EPSS
96.1%
p100
KEV
YES
Dec 1, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
96.1%EPSS · 30 days96.1%
2026-06-302026-07-16
Product
MikroTik / RouterOS
Vulnerability
MikroTik Router OS Directory Traversal Vulnerability
Added to KEV
Dec 1, 2021
Remediate by
Jun 1, 2022
Known ransomware use
No
Summary description
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-14847
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-7445—99.1%
KEV—80MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability—