Blog

 

Dive deep into MikroTik's RouterBoards and RouterOS. We keep you informed and up-to-date, always.

Author

 

Every post is penned by our certified MikroTik engineers, ensuring relevance and accuracy in every word.

Feedback

 

Your insights drive our content. Sharing knowledge, we elevate the MikroTik community in Canada together.

RouterOS CVE-2023-30799: What You Need to Know

RouterOS CVE-2023-30799

What You Need to Know

 

In the fast-evolving world of cybersecurity, staying informed and vigilant is paramount. A new vulnerability has emerged in RouterOS, labeled as CVE-2023-30799. This article delves into the specifics of this issue and offers guidance on ensuring your devices remain protected.

 

 

 

The Vulnerability Explained

 

 

RouterOS has been identified with a policy elevation issue. In simpler terms, an administrator, with the right set of permissions, can craft specific configuration commands, which the router software generally rejects when issued by a typical user. The significant concern is the potential this holds: allowing an adept user to execute arbitrary code on the router, potentially taking control of the entire operating system on which RouterOS runs.

 

However, it's crucial to note the conditions under which this can happen. To exploit this vulnerability:

  • One must have administrative access to RouterOS.
  • The exploiter needs to know the username and password.
  • The device should not be protected by a firewall.

This vulnerability can be likened to providing a thief with the keys to your home – if they're inside, they can do almost anything.

 

 

 

 

Broader Implications

 

 

While the CVE-2023-30799 is alarming, administrators with full rights in RouterOS already possess considerable control over most of the router's functions. They can save, modify, and restore configuration backups, install additional software, and even use a device on the local network to reinstall the router to a vulnerable version.

This raises a broader question about internal threats and the importance of trust when assigning administrative access.

 

 

 

 

Protecting Your Devices

Here are some steps you can take to bolster your defences:

 

Here are some steps you can take to bolster your defences:

 

1. Selective Admin Access: Be discerning when providing administrative access. Only trusted individuals should be given this level of control.


2. Strengthen Firewall: Reinforce your firewall settings to prevent brute-force login attempts.


3. Use RouterOS Device Mode: This feature in RouterOS offers an added layer of security for critical components.


4. Regular Updates: Ensure that you're running the latest version of RouterOS. The abovementioned issue has been fixed in releases v7.7, v6.49.7, and newer.

 

 

 

 

Conclusion

Here are some steps you can take to bolster your defences:

 

In the digital age, security challenges are inevitable. However with timely updates and a proactive approach to security, risks can be significantly minimized. Keep your RouterOS up-to-date and stay informed about the latest security developments. Your network's safety might depend on it.

 

 

 

 

MikroTik News