Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs

2021-12-10 03:53

At least 300,000 IP addresses associated with MikroTik devices have been found vulnerable to multiple remotely exploitable security vulnerabilities that have since been patched by the popular supplier of routers and wireless ISP devices.

"This has made MikroTik devices a favorite among threat actors who have commandeered the devices for everything from DDoS attacks, command-and-control, traffic tunneling, and more."

MikroTik devices are an enticing target not least because there are more than two million of them deployed worldwide, posing a huge attack surface that can be leveraged by threat actors to mount an array of intrusions.

The list of four vulnerabilities discovered over the last three years and which could enable full takeover of MikroTik devices is below -.

Eclypsium researchers said they found 20,000 exposed MikroTik devices that injected cryptocurrency mining scripts into web pages that users visited.

MikroTik routers are far from the only devices to have been co-opted into a botnet.

News URL

https://thehackernews.com/2021/12/over-300000-mikrotik-devices-found.html

#hacking #mikrotik

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Mikrotik		30	1	59	16	4	80