MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
https://0xkuc1n9hack.medium.com/exploit-cve-2018-14847-winbox-routeros-6-33-6-42-8a76a426f12e?source=rss------exploit-5
https://www.tenable.com/blog/analyzing-the-vulnerabilities-associated-with-the-top-malware-strains-of-2021
Source: Mitre, NVD
Published: 2018-08-02
Updated: 2019-03-07
Base Score: 6.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N
Severity: Medium
Base Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity: Critical