Mikrotik support
The vulnerability itself was possible due to a directory traversal vulnerability in the WinBox interface with RouterOS.ĭirectory traversal is a type of exploit that allows attackers to travel to the parent directories to gain access to the operating system’s file system, a method and structure of how data is stored and retrieved in the operating system. Administration of RouterOS can be done either via direct SSH connection or by using a configuration utility called WinBox.
#Mikrotik support Pc#
RouterOS is the router operating system that’s used by MikroTik’s routers and the RouterBOARD hardware product family, which can also be used to turn any PC into a router. According to MikroTik’s blog, the attackers exploited a vulnerability in the router’s operating system (RouterOS) which enabled attackers to gain unauthenticated remote access to read and write arbitrary files ( CVE-2018-14847). The Meris botnet is formed of infected routers and networking hardware manufactured by the Latvian company MikroTik. Their initial research identified 30,000 to 56,000 bots, but they estimated that the numbers are actually much higher, in the ballpark of 250,000 bots. It was originally detected in late June 2021 by QRator in joint research they conducted with Yandex.
#Mikrotik support series#
Meris (Latvian for plague) is the name of an active botnet behind a series of recent DDoS attacks that have targeted thousands of websites around the world. View more Meris attack insights and trends in the interactive Radar dashboard.
Meris first got our attention due to an exceptionally large 17.2 million requests per second (rps) DDoS attack that it launched against one of our customers.