Hi,
Google revealed for me this github repo (5 month old files):
https://github.com/0ki/mikrotik-tools/b ... it_full.sh
There are some scripts which shows how to enable devel mode on several ROS version exploiting a backup file.
In short the attacker must know username/password to be able to login to the box. Then it creates a backup file , uploads it to a server, modifes thab file and uploads it back to the box. After restoring the backup the exploit is activated and devel mode available (it means the attacker has linux shell access and is able to install any binary it wants and is able to do any modifications too).
The visible sign is that there is a backup file named using this template:
jb_$$_$RANDOM.backup
where $$ is PID number of a process and $RANDOM is a random number. So if you see such a file in your 'files' you were exploited probably.
I tried to search this forum and ROS changelog but I found no signs that the vulnerability has been discussed or solved. Sorry if I missed something...
The question is - is this vulnerability already solved? In which version?