Re: Visiting the MikroTik website..
Saw this by accident-
I got a "Tik" router. Just checked - mine's ok, and firmware is up to date (enough).
It is amazing hardware!
I think the advanced capability, and relative low cost makes this an easy choice for anyone with networking needs beyond what most ISP routers provide.
It is however definitely not a consumer product... You need to be skilled to configure this thing. Especially the firewall. I guess this is why this issue exists - people don't know how to lock it down right...
MikroTik is pretty good at disclosing and patching vulnerabilities, and they have an amazing forum and community.
That MS post is only 2 days old at this point...
Is this really a vulnerability?
Using the default password? - user messed up...
Firmware really old? - user messed up... Thats already been patched long ago.
Bruteforce attack? - you didn't lock down admin access to internal network only? - user messed up.
Yeah... doesn't look like a new vulnerability...
Not sure what you want them to post on their website about... "Warning: don't use this product if dumb or under the influence" :P
(pint icon - obvs)