High Severity Super Admin Vulnerability Allows Attackers To Take Control Over Routers

More than 900,000 MikroTik RouterOS routers face a critical risk from a 'Super Admin' privilege elevation flaw (CVE-2023-30799).This vulnerability permits remote attackers with an existing admin account to attain "super-admin" privileges through the Winbox or HTTP interface, allowing them to assume full control of the device covertly.The routers' vulnerability stems from their lack of protection against password brute-force attacks and the inclusion of a default "admin" user, making them susceptible to potential exploitation.Read more...