28th Oct, 2019 | Security
Tenable has identified a vulnerability in RouterOS DNS implementation. RouterOS 6.45.6 and below is vulnerable to unauthenticated remote DNS cache poisoning via Winbox. The router is impacted even when DNS is not enabled.
One possible attack vector is via Winbox on port 8291 if this port is open to untrusted… Full story
28th Oct, 2019 | Security
Tenable has identified a couple of issues with RouterOS packaging and upgrade systems. The upgrade system used by RouterOS 6.45.5 and below is vulnerable to man in the middle attacks and insufficient package validation. An attacker can abuse these vulnerabilities to downgrade a router's installed RouterOS version, possibly lock the… Full story
20th Jun, 2019 | Security
Netflix has identified several TCP networking vulnerabilities in the Linux kernel that is used in RouterOS. The vulnerabilities can trigger denial of service if the RouterOS system is attacked from an insufficiently protected network interface (port). Firewall can protect against the issue.
MikroTik has already applied the necessary patches… Full story
22nd Feb, 2019 | Security
On February 21, Tenable published a new CVE, describing a vulnerability, which allows to proxy a TCP/UDP request through the routers Winbox port, if it's open to the internet. Tenable had previously contacted MikroTik about this issue, so a fix has already been released on February 11, 2019 in… Full story
9th Oct, 2018 | Security
A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year, the new attack method found by Tenable Research exploits the same vulnerability, but takes it… Full story
23rd Aug, 2018 | Security
MikroTik was contacted by Tenable Inc. who had discovered several issues in RouterOS web server. The issues only affect authenticated users, meaning, to exploit them, there must be a known username and password on the device. Your data, access to the system and configuration are not under risk. All the… Full story
9th Aug, 2018 | Security
It has come to our attention that a new way of brute force attack based on WPA2 standard using PMKID has come to light.
This attack actually is a brute force attack on WPA2 preshared key. The reason this attack is considered effective is because it can be performed offline… Full story
30th May, 2018 | Security
This post summerizes the facts around the www service vulnerability in RouterOS which was published by Wikileaks as part of the Vault 7 document release. The vulnerability affected the RouterOS webfig configuration interface, if no firewall was put in place to protect it. MikroTik fixed the vulnerability in the… Full story
25th Mar, 2018 | Security
This post summarises the Winbox server vulnerability in RouterOS, discovered and fixed in RouterOS on April 23, 2018. Note that although Winbox was used as point of attack, the vulnerabilitty was in RouterOS. This issue was later assigned a universal identifier CVE-2018-14847. How it works: The vulnerability allowed a special… Full story