spin
June 11, 2018, 6:44pm
1
These versions contain key security fixes. These are available on downloads:
Both of these have this in the changelog:
!) winbox - fixed vulnerability that allowed to gain access to an unsecured router;
Note 6.41.x will not be accepted.
#Simple upgrade steps
To quickly and easily download bugfix RouterOS run the followig command on a terminal in WinBox.
/tool fetch url="https://downloads.ctwug.za.net/mikrotik/routeros/6.40.8/routeros-mipsbe-6.40.8.npk"
The above will only work if DNS on the router is set to 172.18.1.1 (and only that).mipsbe device you need to change the file name. You can see them here:https://downloads.ctwug.za.net/mikrotik/routeros/6.40.8/
Reboot the router and it should upgrade to the new RouterOS you downloaded.
In WinBox under System / Routerboard click on Upgrade. This will set firmware to be upgraded.
###4 . Reboot again
###5 . Done
Also checkout the How To below:
5 Likes
spin
June 11, 2018, 7:16pm
2
This is going to be a big task to upgrade everything: There are 467 routers that need to be upgraded as of now. That’s only counting OSPF routers.
spin
June 12, 2018, 10:12am
3
Added instructions to quickly upgrade a router above.
1 Like
spin
June 12, 2018, 11:25pm
4
Ancient router OS versions on some routers running WMS (but not OSPF):
+-----------------------+----------------+--------+---------------------+
| name | lastip | osver | lastseen |
+-----------------------+----------------+--------+---------------------+
| Nitros-Baksteun | 172.18.58.198 | 6.11 | 2018-06-13 00:42:41 |
| rb2.lurker | 172.18.251.162 | 6.24 | 2018-06-12 23:05:20 |
| Kingpin 2.4GHz Sector | 172.18.17.244 | 6.24 | 2018-06-13 00:50:38 |
| Buddy-Qwheel | 172.18.166.196 | 6.20 | 2018-06-12 22:47:37 |
| rb2.buddy | 172.18.166.254 | 6.28 | 2018-06-13 01:05:55 |
| MikroTik | 172.26.23.249 | 6.29.1 | 2018-06-13 00:46:19 |
| rb1.Pain | 172.18.178.22 | 6.23 | 2018-06-13 00:54:42 |
+-----------------------+----------------+--------+---------------------+
Can people hunt these down and fix them?
pmurgs
June 13, 2018, 5:18pm
5
Thank you spin for your time and effort to keep our network running smooth and securely. Upgraded my ros on my routers. Small effort my side, a lot more effort your side. Your effort is much appreciated.
5 Likes
spin
June 16, 2018, 11:47am
6
Still some ancient RBs out there:
+-----------------+----------------+----------------+-------+---------------------+
| name | routerid | lastip | osver | lastseen |
+-----------------+----------------+----------------+-------+---------------------+
| rb2.lurker | 172.18.197.254 | 172.18.251.162 | 6.24 | 2018-06-14 11:05:20 |
| rb2.Hakkie | NULL | 172.18.168.221 | 6.20 | 2018-06-16 09:09:08 |
| rb3.Hakkie | NULL | 172.18.168.220 | 6.18 | 2018-06-16 09:26:08 |
| rb1.Pain | NULL | 172.18.178.22 | 6.23 | 2018-06-16 12:54:47 |
| Nitros-Baksteun | NULL | 172.18.212.30 | 6.11 | 2018-06-16 13:42:42 |
| Dragons RB1 | NULL | 172.18.66.30 | 6.10 | 2018-06-16 10:00:45 |
+-----------------+----------------+----------------+-------+---------------------+
I might take a view that this is a security risk and upgrade them as this is a risk to CTWUG. Prefer the owners to take responsibility though:@Lurker @Pain @Nitros @Baksteun @Dragon
Nitros
June 16, 2018, 6:33pm
7
Hey, followed the instructions and should be updated now: MikroTik RouterOS 6.40.8
1 Like
Hi.
1 Like
spin
June 17, 2018, 6:24pm
9
Thanks!
Please do not post other people’s contact details on the forum. This is a public place.
Pain
January 17, 2019, 12:53pm
10
I don’t understand way my name is in this msg all my rb’s is up to data or are you talking about something else
spin
January 17, 2019, 7:02pm
11
The message (you replied to) is from 6 months ago
2 Likes
So presumably they are up to date now.