News Lack of Patching Leaves 300,000 Routers at Risk for Attack

AntonK

Very Senior Member
"Lack of Patching Leaves 300,000 Routers at Risk for Attack"

A new report from security firm Eclypsium says that of the approximately 2 million MikroTik routers deployed in small-office and home-office (SOHO) settings, 1.88 million — or 94% — have the router’s management interface, Winbox, exposed to the Internet. The open ports are not the default setting, suggesting that either users are willfully undermining their security or the configuration is a sign that the devices have been compromised, says Scott Scheferman, principal cyber strategist at Eclypsium.
 
Question is: how did they come up with that 94% and 2 million?
Ars states ~ 300k https://arstechnica.com/information...-ticking-security-time-bombs-researchers-say/
Mikrotik never revealed how many routers sold in total (that I can find) so again, where did that % come from?
To me it looks like a bad attempt to discredit Mikrotik.
If just having a port open is enough to warrant a "bombastic" title, let's go all the way and point fingers at any web server that has 80/443 open. Hell, let's do that for all DNS servers also. Security holes galore if you look closely.
I don't think a single piece of software that listens on an open port facing the internet is 100% safe, which takes me back to my original idea that such "news" articles are just a bad attempt to discredit Mikrotik.
I am not defending the practice of leaving the management port open and I agree that it is a very stupid idea. I am just sick and tired of bombastic titles.
With how easy it is to get a shell on a computer behind a router (any model and any producer) and attack it from the inside, we should all just cut the power and return to monkey.

/rantover
 
If a major security flaw is found in a product, the fault lies on the developer.

If two years later a large number of said product are still vulnerable, then the fault lies on the end-user.
 
