https://forum.mikrotik.com/viewtopic.php?f=21&t=133533
TL;DR - someone can push a request to winbox port and get the internal USER DB back before authing.
If best practice is followed (i.e. firewalled off) - you should not have been compromised, but best to update when new ROS available and change your passwords (just in case)
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog