High Severity Super Admin Vulnerability Allows Attackers To Take Control Over Routers

More than 900,000 MikroTik RouterOS routers face a critical risk from a 'Super Admin' privilege elevation flaw (CVE-2023-30799). This vulnerability permits remote attackers with an existing admin account to attain "super-admin" privileges through the Winbox or HTTP interface, allowing them to assume full control of the device covertly. The routers' vulnerability stems from their lack of protection against password brute-force attacks and the inclusion of a default "admin" user, making them susceptible to potential exploitation. Read more...