{"id":2885,"date":"2019-02-25T19:02:38","date_gmt":"2019-02-25T19:02:38","guid":{"rendered":"http:\/\/www.mtin.net\/blog\/?p=2885"},"modified":"2019-02-25T19:02:38","modified_gmt":"2019-02-25T19:02:38","slug":"mikrotik-vulnerability","status":"publish","type":"post","link":"http:\/\/www.mtin.net\/blog\/mikrotik-vulnerability\/","title":{"rendered":"Mikrotik Vulnerability"},"content":{"rendered":"<p>On February 2 a CVE issue was published, describing a vulnerability, which allows to proxy a TCP\/UDP request through the routers Winbox port if it&#8217;s open to the internet.<\/p>\n<p>A fix has already been released on February 11, 2019 in all RouterOS release channels. Please keep your device up to date, and protect Winbox port from untrusted networks.<\/p>\n<p>More information:<br \/>\n<a href=\"https:\/\/blog.mikrotik.com\/security\/cve-20193924-dude-agent-vulnerability.html\">https:\/\/blog.mikrotik.com\/security\/cve-20193924-dude-agent-vulnerability.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On February 2 a CVE issue was published, describing a vulnerability, which allows to proxy a TCP\/UDP request through the routers Winbox port if it&#8217;s open to the internet. A fix has already been released on February 11, 2019 in all RouterOS release channels. Please keep your device up to date, and protect Winbox port [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[1],"tags":[25],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6VLMf-Kx","jetpack-related-posts":[{"id":2277,"url":"http:\/\/www.mtin.net\/blog\/winbox-brute-force\/","url_meta":{"origin":2885,"position":0},"title":"Winbox brute Force","author":"j2sw","date":"June 1, 2018","format":false,"excerpt":"You really should not have your winbox port open to anything but a management network, but if you need a script to help with brute force on the Mikrotik. add action=drop chain=input comment=\"drop winbox brute forcers\" dst-port=8291 \\ protocol=tcp src-address-list=winbox_blacklist add action=add-src-to-address-list address-list=winbox_blacklist \\ address-list-timeout=1w3d chain=input connection-state=new dst-port=8291 \\ protocol=tcp\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1879,"url":"http:\/\/www.mtin.net\/blog\/vulnerability-in-wpa2\/","url_meta":{"origin":2885,"position":1},"title":"Vulnerability in WPA2","author":"j2sw","date":"October 16, 2017","format":false,"excerpt":"https:\/\/arstechnica.com\/information-technology\/2017\/10\/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping\/ An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the\u00a0Wi-Fi Protected Access II protocol\u00a0that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points. The proof-of-concept exploit is called KRACK, short for\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"http:\/\/www.mtin.net\/blog\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.mtin.net\/blog\/wp-content\/uploads\/2017\/09\/download.jpg?fit=236%2C213&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1078,"url":"http:\/\/www.mtin.net\/blog\/new-routeros-6-34-4\/","url_meta":{"origin":2885,"position":2},"title":"New routerOS 6.34.4","author":"j2sw","date":"March 30, 2016","format":false,"excerpt":"From Mikrotik: To upgrade, click \"Check for updates\" at \/system package in your RouterOS configuration interface, or head to our download page: http:\/\/www.mikrotik.com\/download What's new in 6.34.4 (2016-Mar-24 13:13): *) bonding - fixed crash on bonding slave release; *) bonding - fixed mac-address disappearance after reboot in specific setups; *)\u2026","rel":"","context":"In &quot;Mikrotik&quot;","block_context":{"text":"Mikrotik","link":"http:\/\/www.mtin.net\/blog\/category\/mikrotik\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2232,"url":"http:\/\/www.mtin.net\/blog\/mikrotik-releases-6-42\/","url_meta":{"origin":2885,"position":3},"title":"Mikrotik Releases 6.42","author":"j2sw","date":"April 25, 2018","format":false,"excerpt":"From Mikrotik We have released new RouterOS versions in current channel. To upgrade, click \"Check for updates\" at \"System\/Package\" in your RouterOS configuration interface, or head to our download page: http:\/\/www.mikrotik.com\/download What's new in 6.42 (2018-Apr-13 11:03): !) tile - improved system performance and stability (\"\/system routerboard upgrade\" required); !)\u2026","rel":"","context":"In \"mikrotik\"","block_context":{"text":"mikrotik","link":"http:\/\/www.mtin.net\/blog\/tag\/mikrotik-2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":263,"url":"http:\/\/www.mtin.net\/blog\/new-software-features\/","url_meta":{"origin":2885,"position":4},"title":"New Software Features","author":"j2sw","date":"April 23, 2015","format":false,"excerpt":"RoMON another blog post will follow on this. Need to use Winbox 3 FastTrack FastPath + Connection Tracking FastTrack Accelerates packet processing for specific connection tracking entries Full NAT support Works with IPv4\/TCP and IPv4\/UDP \u00a0","rel":"","context":"In &quot;Mikrotik&quot;","block_context":{"text":"Mikrotik","link":"http:\/\/www.mtin.net\/blog\/category\/mikrotik\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1333,"url":"http:\/\/www.mtin.net\/blog\/mikrotik-routeros-3-36\/","url_meta":{"origin":2885,"position":5},"title":"Mikrotik RouterOS 3.36","author":"j2sw","date":"July 22, 2016","format":false,"excerpt":"Lots of things fixed in this release. What's new in 6.36 (2016-Jul-20 14:09): *) arm - added Dude server support; *) dude - (changes discussed here: http:\/\/forum.mikrotik.com\/viewtopic.php?f=8&t=110428); *) dude - server package is now made smaller. client side content upgrade is now removed from it and is downloaded straight from\u2026","rel":"","context":"In &quot;Mikrotik&quot;","block_context":{"text":"Mikrotik","link":"http:\/\/www.mtin.net\/blog\/category\/mikrotik\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts\/2885"}],"collection":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/comments?post=2885"}],"version-history":[{"count":1,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts\/2885\/revisions"}],"predecessor-version":[{"id":2886,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts\/2885\/revisions\/2886"}],"wp:attachment":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/media?parent=2885"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/categories?post=2885"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/tags?post=2885"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}