A vulnerability in MikroTik devices; even though it already requires an admin account, the points below are worth noting.
A critical severity 'Super Admin' privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to take full control over a device and remain undetected.
The flaw, CVE-2023-30799, allows remote attackers with an existing admin account to elevate their privileges to "super-admin" via the device's Winbox or HTTP interface.
... The exploit requires authentication as "admin," however, VulnCheck explains that RouterOS ships with a fully functional admin user by default, which nearly 60% of MikroTik devices still use despite the vendor's hardening guidance suggesting its deletion.
Moreover, the default admin password was an empty string until October 2021, when this issue was fixed with the release of RouterOS 6.49.
Finally, RouterOS does not impose admin password strengthening requirements, so users may set anything they like, which makes them susceptible to brute-forcing attacks, for which MikroTik does not offer any protection except on the SSH interface.
"All of this is to say, RouterOS suffers from a variety of issues that make guessing administrative credentials easier than it should be," comments VulnCheck. "We believe CVE-2023-30799 is much easier to exploit than the CVSS vector indicates."
The Mikrotik CVE-2023-30799 vulnerability was first disclosed without an identifier in June 2022, and MikroTik fixed the issue in October 2022 for RouterOS stable (v6.49.7) and on July 19, 2023, for RouterOS Long-term (v6.49.8).
www.bleepingcomputer.com
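A RouterOS console script that applies the hardening points the article raises (remove the default admin account, restrict the Winbox/HTTP management interfaces, update to a fixed release), added here as an example; it is not MikroTik's or the article's own material. It assumes management hosts sit in 192.168.88.0/24 and names the replacement account "netadmin"; both are placeholders to adjust.

```routeros
# Added example (not from the article or MikroTik). Assumptions: management
# subnet 192.168.88.0/24 and replacement account "netadmin" are placeholders.

# 1. Record the running version. The article gives the fixed releases as
#    6.49.7 (stable) and 6.49.8 (long-term); anything older still has the bug.
/system resource print

# 2. Replace the default "admin" account (still present on ~60% of devices
#    according to VulnCheck). RouterOS enforces no password policy, so the
#    strength of the passphrase is entirely up to the operator.
/user add name=netadmin group=full password="<long-random-passphrase>"
/user remove admin

# 3. CVE-2023-30799 is reached over Winbox or HTTP. Disable plain HTTP and
#    limit the remaining management services to the management subnet, so a
#    guessed credential cannot be used from the Internet at all.
/ip service disable www
/ip service set winbox address=192.168.88.0/24
/ip service set ssh address=192.168.88.0/24
/ip service disable telnet
/ip service disable ftp
/ip service disable api

# 4. Verify: no "admin" user should remain, and no enabled management
#    service should accept connections from any address.
/user print
/ip service print

# 5. Update last: "install" downloads the package and reboots the device.
/system package update check-for-updates
/system package update install
```

Run it from a console session that is not itself logged in as "admin", and expect the final step to reboot the router.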