Users of hardware running Mikrotik RouterOS are urged to ensure their devices are secured after news of yet another security vulnerability affecting the platform.
The vulnerability allows a hacker to access the device remotely using Winbox port 8291 and then download the user database file from the router, extract valid usernames and passwords, and then access the device. It affects RouterOS versions 6.29 to 6.43rc3.
This vulnerability follows closely behind two others in the past month that have affected web access to the devices, and the SMB functionality.
All users of RouterOS should immediately ensure their hardware is upgraded to v6.42.1 (current) or v6.43rc4 (release candidate). It’s important to note the 6.40.x bug fix only release channel does not currently have a fix available. If you are running 6.40.x restricting access via firewall rules to safe IP range(s) is essential to protect your device.
Best security practice is to also to not have a device exposed to the entire Internet on port 80 or 8291 for remote access. If these services are restricted to safe IP range(s) the risks of a device being compromised are reduced.
More information is available on the Mikrotik forums https://forum.mikrotik.com/viewtopic.php?f=21&t=133533
Other related posts:
No, AT aren’t stealing your money. How Stuff confused a nation.
The perils of using Airbnb during big events
How to remotely control your heat pump from your phone for under NZ$25
comments powered by Disqus