A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the routers is not that difficult. “RouterOS [the underlying operating system] ships with a fully functional ‘admin’ user. Hardening guidance tells administrators to delete the ‘admin’ user, but we know a large number of installations haven’t,” Baines explained. “We probed a sample of hosts on … Continue reading MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)