In June 2023, security researchers and MikroTik itself confirmed a critical vulnerability that sent shockwaves through the networking community: . Officially designated as CVE-2023-30799 , this flaw allows an unauthenticated, remote attacker to bypass the login mechanism and gain full administrative access to a vulnerable router.
If you have MikroTik devices running RouterOS 6.x in your environment, assume they are compromised unless proven otherwise. Upgrade immediately. mikrotik routeros authentication bypass vulnerability
/user active print