See: https://research.checkpoint.com/new-iot ... rm-coming/
Can someone check my proverbial math below
MikroTik RouterOS SNMP Security Bypass Vulnerability 3.13 or earlier vulnerable
MikroTik RouterOS Admin Password Change 4.x or earlier vulnerable
MikroTik Router Remote Denial Of Service 5.15 or earlier vulnerable
So minimum firmware requirement is: 5.16 or later?
Is there a running CVE list of Mikrotik issues somewhere that is regularly updated as new things are found?
Thx David
-
-
silversword
Frequent Visitor
- Posts: 58
- Joined:
Re: IoT Botnet 'IoTroop' or 'IoT Reaper' compromising Mikrotik devices
Where do you have this infomation from as the link directs to page where Mikrotik has "-" for all "Seen in the Context of the current Attack?"
Are you awere that current ROS version is 6.40.4? The latest 5.x version is 5.26 and is long long time obsolete? Why are you bothering about 3.x and 4.x devices? Do you use them? It is as asking for Win 98 problems in the era of Win 10.
Are you awere that current ROS version is 6.40.4? The latest 5.x version is 5.26 and is long long time obsolete? Why are you bothering about 3.x and 4.x devices? Do you use them? It is as asking for Win 98 problems in the era of Win 10.
-
-
silversword
Frequent Visitor
- Posts: 58
- Joined:
Re: IoT Botnet 'IoTroop' or 'IoT Reaper' compromising Mikrotik devices
Well I was just doing my due diligence on security patches, and wanted to make sure I wasn't missing anything (was surprising me to see 5.x was the latest one too). I had to search for the CVE's using the listed descriptions as there was no official numbers listed. I'm sure there are a couple old devices out in the world, just wanted to make sure I wasn't missing anything 
...and while I was at it looking to see if there's a nice spreadsheet listing all known vulnerabilities. I'm sure device vendors don't like to make it easy to see they've had problems in the past, but that list could include a list of discovery date/patch date to show they're on top of fixes for mitigation
...and while I was at it looking to see if there's a nice spreadsheet listing all known vulnerabilities. I'm sure device vendors don't like to make it easy to see they've had problems in the past, but that list could include a list of discovery date/patch date to show they're on top of fixes for mitigation
Re: IoT Botnet 'IoTroop' or 'IoT Reaper' compromising Mikrotik devices
i think the main reason of mikrotik mention in that topic its about bad configured devices, simple passwords or any password at all, dns and ntp servers open to internet etc etc
i think is a good think mikrotik now is brand big enough to be taken into account, that speaks loud about the number of mikrotik devices deployed in internet
i think is a good think mikrotik now is brand big enough to be taken into account, that speaks loud about the number of mikrotik devices deployed in internet
-
-
silversword
Frequent Visitor
- Posts: 58
- Joined:
Re: IoT Botnet 'IoTroop' or 'IoT Reaper' compromising Mikrotik devices
I think I found my answer on a public list of vulnerabilities, though it might not be complete:
https://www.cvedetails.com/vendor/12508/Mikrotik.html
https://www.cvedetails.com/vendor/12508/Mikrotik.html
Re: IoT Botnet 'IoTroop' or 'IoT Reaper' compromising Mikrotik devices
I didn't even really know about those 6.38.5 vulnerabilities - although now that i think about it i recall the 2 page thread going back & forth re: vulnerability vs device limitationI think I found my answer on a public list of vulnerabilities, though it might not be complete:
https://www.cvedetails.com/vendor/12508/Mikrotik.html
That being said - What site should I rely on for vulnerability information regarding Mikrotik/RouterOS?