Better idea: if the router is set up incorrectly/insecurely, brick it.
If CPU is at 100% for the last 5 seconds - remove all IP Socks Access entries xD
Darman, how do you think an update will know what socks entries are legitimate and what are not?
But really, none of that is MikroTik's problem to solve.
It is the technician's responsibility to:
- Make sure they don't make the router insecure when they remove the default configuration.
- Make sure they can access the router remotely, and doing so doesn't make it accessible by others. For example through VPN or with an IP whitelist.
- Make sure they have a plan for how to upgrade routers remotely.
I was lucky that my predecessor had a system in place to easily roll out changes to all customer routers at once. So upgrading all customer routers was done within 24 hours of me learning about this vulnerability. We now have an IP whitelist on the winbox service to prevent anything bad in the future.