Community discussions

Search found 12 matches

by VipITBE
Wed Apr 25, 2018 12:15 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

my take on remote accessible device management - and some may be behind a "one-way" access medium, like NAT or 3G/4G, where you can't just connect to the device from the outside - is to have a VPS running routeros. and there's no ports exposed there, but only IPSec. so the managed devices shall con...
by VipITBE
Tue Apr 24, 2018 9:29 am
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

!) winbox - fixed vulnerability that allowed to gain access to an unsecured router; Shifting of the blame onto users... what else are we supposed to use for remote management? why would you let everyone have possible access to your router? EVERY router needs to be secured. You would not want anyone...
by VipITBE
Mon Apr 23, 2018 4:20 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

Just FYI, in logs I saw login attemps, but they all seems to failed, not one of them is successfull. This is from Web. Most likely unrelated. Maybe, but this is strange. Web interface indeed is available from Internet, but I changed default port from 80 to something else, and there was 5 attemps in...
by VipITBE
Mon Apr 23, 2018 4:07 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

Just FYI,

in logs I saw login attemps, but they all seems to failed, not one of them is successfull.
This is from Web. Most likely unrelated.
but should still be firewalled :)
by VipITBE
Mon Apr 23, 2018 3:34 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

What is happening here is downloading files from a router without the password. Over a port that normally doesn't even allow downloading those files. I find it hard to believe that this is simply "a bug". There must be base functionality of downloading, and the bug is only that it can be done witho...
by VipITBE
Mon Apr 23, 2018 3:32 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

Concur this is a serious issue and glad Mikrotik is addressing it promptly. However it appears, (not 100% sure) that the failure by an admin to ensure WINBOX is not accessible from the outside is what allows this exploit to be used. Most experienced admins would use vpn to access the router and the...
by VipITBE
Mon Apr 23, 2018 3:30 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

Even with the later versions or ROS, you can download a backup, restore it on a virtual machine running same software version As a user without insight in the internals, you can download a backup only from a router when you know the password already, right? What is happening here is downloading fil...
by VipITBE
Mon Apr 23, 2018 3:02 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

On the other hand, when you are the one that set the password and you can't log in to your own router, even though you could just reset to defaults or Netinstall to fix it, it's sometimes nice to be able to recover it so that the question of "what on EARTH could I have possibly set the password to?...
by VipITBE
Mon Apr 23, 2018 1:56 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

On Czech forum is user which have winbox in IP services allowed only for his private range and is hacked :-( https://ispforum.cz/viewtopic.php?p=228863#p228863 It's possible the attack came from his LAN I would also tend to agree. If you firewall all services on your WAN unless it comes from truste...
by VipITBE
Mon Apr 23, 2018 1:47 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

How it works: The vulnerability allowed a special tool to connect to the Winbox port, and request the system user database file. They gain access on a file within the router, right? What kind of information is stored in there? You don't know what is stored in the system user database file ???? :lol...
by VipITBE
Mon Apr 23, 2018 1:39 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 93949

Re: Advisory: Vulnerability exploiting the Winbox port

How it works: The vulnerability allowed a special tool to connect to the Winbox port, and request the system user database file. They gain access on a file within the router, right? What kind of information is stored in there? You don't know what is stored in the system user database file ???? :lol:
by VipITBE
Thu Feb 27, 2014 1:45 pm
Forum: General
Topic: Feature request: openvpn topology subnet mode
Replies: 4
Views: 2574

Re: Feature request: openvpn topology subnet mode

topology subnet is working for me, however, when connection with openvpn for windows to my linux openvpn server, I cannot contact the mikrotik clients connecting to that same openvpn server. from linux or from the server itself, the mikrotik clients and subnets are reachable, so this is something st...