Severe Privilege Escalation Issue on MikroTik RouterOS Can Grant Remote Control
- A privilege escalation issue in MikroTik RouterOS could allow remote attackers to execute arbitrary code and gain full control of vulnerable devices.
- The vulnerability is known as CVE-2023-30799 and has a high CVSS score of 9.1.
- Approximately 500,000 RouterOS systems are at risk through the web interface, while 900,000 are vulnerable through the Winbox interface.
MikroTik RouterOS, a widely used router operating system, has been found to have a severe privilege escalation vulnerability. It allows remote attackers to execute arbitrary code, essentially granting them complete control over vulnerable devices. The issue has been identified as CVE-2023-30799 and has been given a high CVSS score of 9.1.
The impact of this vulnerability is significant, as it puts a large number of RouterOS systems at risk. Approximately 500,000 systems are vulnerable through their web interface, while an even larger number, 900,000 systems, are susceptible through the Winbox interface.
This vulnerability poses a serious threat to the security and functionality of these routers. If exploited, an attacker can remotely execute code and gain full control over the device. This would allow them to manipulate settings, access sensitive information, and potentially launch further attacks on connected networks. The consequences of such a breach could be severe and wide-ranging.
A privilege escalation vulnerability has been discovered in MikroTik RouterOS, a popular router operating system. This vulnerability, known as CVE-2023-30799, poses a serious threat because it allows remote attackers to execute arbitrary code and take complete control of vulnerable devices. The web interface of approximately 500,000 systems and the Winbox interface of 900,000 systems are at risk. The implications of this vulnerability are significant and can include unauthorized access, data breaches, and network compromise. Users of MikroTik RouterOS should take immediate steps to patch and secure their devices to prevent exploitation.
Original Article: https://thehackernews.com/2023/07/critical-mikrotik-routeros.html