MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Routeros | Mikrotik | * | 6.48.7 (including) |
Routeros | Mikrotik | 6.34 (including) | 6.49.7 (excluding) |