identified as CVE-2023-30799 that allows a remote and authenticated attacker to gain access to the router’s root shell.
🔴 آسیب پذیری بحرانی در میکروتیک
در این پست آسیب پذیری بحرانی CVE-2023-30799 در روترهای میکروتیک بررسی شده که امکان دسترسی rootshell رو به مهاجم احرازهویت شده میده.
نسخه های آسیب پذیر در ایران هم به وفور استفاده میشن، بروزرسانی یا نکات پیشگیری رو اعمال کنید.
The CVE-2023-30799 vulnerability was first disclosed, without a CVE, in June 2022 at the REcon conference by Margin Research. At that time, they had developed an exploit called FOISted that could give a root shell on the RouterOS x86 virtual machine.
Mikrotik was aware of this problem and fixed it in October 2022, in RouterOS stable version (6.49.7), but did not talk about this security vulnerability in its version reports and only mentioned it as follows:
*) system – improved handling of user policies;
VulnCheck researchers worked on this exploit and were able to develop it on the popular MIPSBE architecture, as a result, Mikrotik had to assign a CVE to it. In fact, before a virtual machine was only vulnerable, but now Mikrotik hardware is vulnerable.
Slow link:
https://onhexgroup.ir/cve-2023-30799-mikrotik-routeros/