Have just read this and am a bit confused. https://blog.qrator.net/en/meris-botnet-climbing-to-the-record_142/ I can't figure out whether the attackers are abusing Mikrotik features that the owner has nor disabled or blocked, or whether this is an actual vulnerability - i.e., something exploitable even if the owner of the device has followed best practice. Does anyone have more information about this issue? Is it even an issue at all? Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160 GPG fingerprint: 9FB6 C08F 91CB 5093 30EF 3E2F 8C94 EEBD 117C 4A10 Old fingerprint: CF68 0C56 EEE4 CC19 28D4 03B3 BCE0 E800 E31F 7254