CVE-2012-6050
published 2012-11-27CVE-2012-6050: The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and…
PriorityP335medium6.4CVSS 2.0
AVNACLAuNCPINAP
EXPLOIT
EPSS
9.41%
94.8th percentile
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mikrotik | routeros | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Tenable
Slingshot Malware Uses IoT Device in Targeted Attacks
blogs_tenable·2018-03-19·CVSS 6.4
[MEDIUM] Slingshot Malware Uses IoT Device in Targeted Attacks
Blog / Cyber Exposure Alerts
Subscribe
# Slingshot Malware Uses IoT Device in Targeted Attacks
Tony Huffman
March 19, 2018
4 Min Read
A new APT malware attack has been discovered by Kaspersky Lab. The malware named Slingshot, due to a string in one of the hijacked system DLLs, is a sophisticated attack that leads to a nasty rootkit. The final rootkit named Cahnadr takes control of system processes, allowing for monitoring of keystrokes, clipboard, network traffic and more.
### Background
Kaspersky Lab recently analyzed a sophisticated malware they named Slingshot. The paper published by Kaspersky Lab outlines details on how Slingshot operates and suggests the malware has been active since 2012. What makes Slingshot especially interesting is it used a compromised IoT device to infect
Tenable
Slingshot Malware Uses IoT Device in Targeted Attacks
blogs_tenable·2018-03-19
Slingshot Malware Uses IoT Device in Targeted Attacks
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
http://www.133tsec.com/2012/04/30/0day-ddos-mikrotik-server-side-ddos-attack/http://www.exploit-db.com/exploits/18817https://exchange.xforce.ibmcloud.com/vulnerabilities/75327http://www.133tsec.com/2012/04/30/0day-ddos-mikrotik-server-side-ddos-attack/http://www.exploit-db.com/exploits/18817https://exchange.xforce.ibmcloud.com/vulnerabilities/75327
2012-11-27
Published