Skip to content

README.md

Latest commit

 

History

History
30 lines (21 loc) · 1.27 KB

README.md

File metadata and controls

30 lines (21 loc) · 1.27 KB

Oeliander Vulnerability Scanner

MikroTik Router Exploitation Kit

  • WinBox Auth Bypass Credential Disclosure (CVE-2018-14847)
    -- Allows direct SSH into the vulnerable device using collected credentials
    -- Allows for uploads to the target system
    -- Allows for root backdoor install using MikroTik options package UNTESTED

  • Shodan search integration
    -- Allows for target collection and IP assessments using shodan

Future Vulnerability Scanner Integrations

  • F5 Big-IP Remote Code Execution Vulnerability [CVE-2023-46747]
  • Juniper SRX Firewall Vulnerability [CVE-2023-36845]
  • OpenFire Console Authentication Bypass Vulnerability [CVE-2023-3215]
  • Remote Unauthenticated Code Execution Vulnerability in OpenSSH server [CVE-2024-6387]
  • VMWare Aria Operations for Networks (vRealize Network Insight) unauthenticated RCE [CVE-2023-20887]
  • VMWare ESXi RCE Exploit [CVE2021-21974]
  • Atlassian Bitbucket Data Center Deserialization Vulnerability [CVE-2022-26133]
  • ConnectWise ScreenConnect-AuthBypass-RCE [CVE-2024-1708][CVE-2024-1709]

MkCheck given an easy to use UI