[AusNOG] Mikrotik Advisory: Vulnerability exploiting the Winbox port

Joseph Goldman joe at apcs.com.au
Mon Apr 23 21:54:34 EST 2018

Previous message: [AusNOG] Rise in fake calling numbers?
Next message: [AusNOG] MSN (Azure) and NTT peering in Sydney
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

https://forum.mikrotik.com/viewtopic.php?f=21&t=133533

TL;DR - someone can push a request to winbox port and get the internal 
USER DB back before authing.

If best practice is followed (i.e. firewalled off) - you should not have 
been compromised, but best to update when new ROS available and change 
your passwords (just in case)

Previous message: [AusNOG] Rise in fake calling numbers?
Next message: [AusNOG] MSN (Azure) and NTT peering in Sydney
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the AusNOG mailing list