Turn off FTP, Telnet, and API if they are not in use. Is there a "One-Click" Exploit?
Various memory corruption and stack exhaustion issues in services like /nova/bin/net or /nova/bin/diskd were identified in early 6.47 releases. How Are These Exploits Delivered? mikrotik 6.47.10 exploit
The exploit targets a component within the Simple Certificate Enrollment Protocol () Server implementation of RouterOS. The Flaw: A heap-based buffer overflow. Turn off FTP, Telnet, and API if they are not in use
: While these were discovered earlier, many devices running 6.47.x remained vulnerable if the DNS service was exposed. These allowed attackers to redirect traffic or gain unauthorized access. How Are These Exploits Delivered
One of the most significant architectural flaws uncovered in RouterOS v6 involves the WinBox management protocol.
Do not expose your router's login interfaces to the public internet. Go to > Services .