MikroTik Router Vulnerabilities Can Lead to Backdoor Creation

silversurfer

A chain of vulnerabilities in MikroTik routers could allow an attacker to gain a backdoor. The chain starts with DNS poisoning, goes on to downgrading the installed version of MikroTik's RouterOS software, and ends with enabling a backdoor.

Tenable researchers found the vulnerabilities and disclosed two to MikroTik on September 11, 2019 (CVE-2019-3976 and CVE-2019-3977) and two more on September 13, 2019 (CVE-2019-3978 and CVE-2019-3979). It said, "By chaining these vulnerabilities, an unauthenticated remote attacker with access to port 8291 on the router, can perform a RouterOS downgrade, reset the system passwords, and potentially gain a root shell." MikroTik released patches on October 28, 2019.
 

SerialCart

This is not the first serious security issue that has been discovered in MikroTik products and services. I purchased a MikroTik cloud some years back to handle my VPNs, but after some other security issues last year I switched to pfSense.
 

bayasdev

Thanks, I just upgraded my hAP ac2. I don't have any open port from outside so that should minimize the attack surface to an infiltrated into my main VLAN (I originally bought this thing to separate devices into different VLANs and bandwidth management).
 

Cortex

Also TP-Link Routers which aren't cheap have most infrequent firmware updates & are as trustworthy as an ex girlfriend I had - Most people often without realising use lots of IOT devices & common routers are virtually useless in protecting your network.
 

bayasdev

> Also TP-Link Routers which aren't cheap have most infrequent firmware updates & are as trustworthy as an ex girlfriend I had - Most people often without realising use lots of IOT devices & common routers are virtually useless in protecting your network.

MikroTik SOHO routers are in the same price range as a TP-Link AC Gigabit router: $70 for a hAP ac2 vs $60 for the Archer A7. Also, MikroTik has advanced features and usually better hardware (quad core ARM on the ac2 vs single core MIPS on the A7), plus the advantage of getting security and feature updates regularly.
 