[AusNOG] Mikrotik Advisory: Vulnerability exploiting the Winbox port

Joseph Goldman joe at apcs.com.au
Mon Apr 23 21:54:34 EST 2018


TL;DR - someone can push a request to winbox port and get the internal 
USER DB back before authing.

If best practice is followed (i.e. firewalled off) - you should not have 
been compromised, but best to update when new ROS available and change 
your passwords (just in case)

More information about the AusNOG mailing list