Depending on your software version, yes, that is correct. See https://blog.mikrotik.com/security/winb ... ility.htmlSo you mean they have some exploit in the device that they could gain access anytime?
Dang it. Sorry about that. I don't know why I didn't notice you were not the OP. I read your reply from the context of the OP. No wonder it didn't make sense to me.@tippenring: I'm not admin of RB trying to outsmart DNS domain admin, @alli is.
Have you tried Winbox 3.18? There's a potential fix there. I just realized you aren't the OP. The OP tried 3.18, but you haven't said you tried it.I'm not a mikrotik master, but i have enough brains to change my credentials after hacking.
You don't necessarily need to post them. Just load the before and after in notepad++ and do a compare.I'll take a look and post them without sensitive configs. Too bad I can't use the Mikrotik auto remove sensitive on saved backups.
What was different between the two configs? That's an easy thing to look at.Right now we are using the CCR that was causing the issue to pass traffic. The only thing that changed to get it to start working was to restore a config file from before the power outage.