Routeros V6 40.3



Download

CVE-2019-3924: MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities. Mikrotik routeros default username and password - default username and password mikrotik router all series (such us rb750, rb450g, rb2011uas-2hnd-in, rb433, rb411, rb2011, rb1100, rb751u-2hnd, rb951g-2hnd, 750up and other) is very necessary for access to the new mikrotik router and mikrotik router has been reset to factory defaults.

Routeros V6.40.4

Engine40.3
  1. MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in most of.
  2. RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities. V6.40.3 current Posted by strods, Fri Sep 01, 2017 11:34 am. V6.37rc release.
  3. What is the default password for the MikroTik router?

Routeros V6 40.3 For Sale

6.41rc34 changelog:

*) crs3xx - improved packet processing in slowpath;
*) defconf - fixed RouterOS default configuration (introduced in v6.40.3);
*) ethernet - removed 'master-port' parameter;
*) log - fixed 'unknown' interface name in log messages;
*) lte - added '/interface lte apn' menu (Passthrough requires reconfiguration) (CLI only);
*) lte - do not reset modem when it is not possible to access SMS storage;
*) snmp - fixed 'ifHighSpeed' value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed '/caps-man registration-table' uptime values;
*) tile - improved hardware encryption processes;
*) vlan - do not allow VLAN MTU to be higher than L2MTU;
*) wireless - fixed rate selection process when 'rate-set=configured' and NV2 protocol is used;
Other changes since 6.40.3:
!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - 'master-port' conversion into a bridge with hardware offload 'hw' option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware 'igmp-snooping' on CRS1xx/2xx;
*) bridge - automatically turn off 'fast-forward' feature if both bridge ports have 'H' flag;
*) bridge - changed 'Host' and 'MDB' table column order;
*) bridge - fixed 'fast-forward' counters;
*) bridge - fixed 'R' state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based 'igmp-snooping';
*) bridge - implemented software based MSTP;
*) bridge - removed 'frame-types' and 'ingress-filtering' for bridge interfaces (introduced in v6.40rc36);
*) bridge - show 'admin-mac' only if 'auto-mac=no';
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added 'vlan-mode=no-tag' option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP 'get' request URL encoding;
*) certificate - show 'Expired' flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop '/certificate sign' process if console times out in 1 minute;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs317 - added L2MTU support;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when 'rapid-commit' is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on 'file' parameter (introduced in v6.40);
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) export - fixed interface list export;
*) export - fixed wireless 'ssid' and 'supplicant-identity' compact export;
*) hotspot - fixed missing '/ip hotspot server profile' if invalid 'dns-name' was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when 'mode-config' exchange fails;
*) ike2 - check identities on 'initial-contact';
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added '/interface reset-counters' command (CLI only);
*) interface - added option to join and exclude '/interface list' from one and another;
*) interface - fixed corrupted '/interface list' configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify 'remote-peer' address as DNS name;
*) ipsec - kill PH1 on 'mode-config' address failure;
*) ipsec - renamed 'firewall' argument to 'notrack-chain' in peer configuration;
*) ipv6 - add dynamic '/ip dns' server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed 'flip-screen=yes' state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added 'bridge' topic;
*) log - optimized 'poe-out' logging topic logs;
*) lte - added Passthrough support (CLI only);
*) lte - added support for ZTE ME3630 E1C with additional '/port' for GPS usage;
*) lte - added Yota non-configurable modem support;
*) lte - automatically add '/ip dhcp-client' configuration on interface;
*) lte - changed default values to 'add-default-route=yes', 'use-peer-dns=yes' and 'default-route-distance=2';
*) lte - fixed mode initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under '/system resource usb' (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) ppp - fixed serial port loading (introduced in v6.41rc);
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe - fixed invalid PPPoE server or client after reboot or 'interface' edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed '/system routerboard upgrade' for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sfp - fixed temperature readings for various SFP modules;
*) sftp - added functionality which imports '.auto.rsc' file or reboots router on '.auto.npk' upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed '/system license' parameters for CHR;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) traceroute - improved '/tool traceroute' results processing;
*) ups - fixed duplicate 'failed' UPS logs;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) webfig - improved reliability of login process;
*) winbox - added 'notrack-chain' setting to IPSec peers;
*) winbox - do not show duplicate 'Template' parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters 'Published' in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under '/system routerboard settings' menu;
*) wireless - added 'allow-signal-out-off-range' option for Access List entries (CLI only);
*) wireless - improved reliability on 'rx-rate' selection process;
*) wireless - log 'signal-strength' when successfully connected to AP;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;
Download the new 'RouterOS 6.41rc34' version here: https://www.mikrotik.com/download