This is a proof of concept for the CVE-2018-14847 Winbox vulnerability, This allows a remote attack to read arbitrary files.

Vulnerable Versions

All RouterOS versions from 2015-05-28 to 2018-04-20 are vulnerable to this exploit.

Mikrotik devices running RouterOS versions:

Longterm: 6.30.1 - 6.40.7 Stable: 6.29 - 6.42 Beta: 6.29rc1 - 6.43rc3

For more information see: