Hello everyone,
I have a new HEX device to use for configuring site to site wiregurard.
when updating the router to v7, I tried to open the terminal , it gave that “terminal not permitted( 9)”
so I noticed a net user called system have full policy and the default user “admin” have an admin policy , I couldn’t reset the configuration or open the terminal. note that the router is not connected to WAN yet , this happens after the upadate to V7.
When you have a new router and for some reason it was delivered with v6, it is better to use netinstall to install v7 instead of upgrading it.
Thank you for your reply! I’ll do it next time.
I’d netinstall device now. ROS doesn’t create any user (apart from admin) which means your debice might be tempered with. And you don’t want that, do you?
I have 2x RB5009UG+S+ with 7.20.2 running with the same issue.
user: System group: full
user: admin group: admin
Dear Mikrotik ( @strods ) how can I give user admin full access again?
Your routers have been hacked.
Export configuration to text file (hopefully the admin user still can do it), store it off device. You'll probably want to use it as reminder about configuration.
Then netinstall devices and reset configuration to default. After that add configuration if anything is needed ... but keep changes to minimum. Default config is pretty safe and sane, most inexperienced users tend to break it (while attempting to make it better).
And by no means use exported config (or even worse, binary backup) to restore config ... you'll end up with same broken state.
Make sure that you computer, used for netinstall and initial configuration, is virus free (because router is extremely vulnerable during these stages). And before exposing router to internet disable services which are not needed (e.g. web service providing webfig and API).
1 Like
Thx, but my routers aren’t connected to the internet directly. And all my Mac’s are clean and nobody else is here. I will investigate further ofcourse how this is possible.