: Older versions of the WinBox protocol (port 8291) allowed for unauthenticated configuration extraction. While 6.47.10 fixed the most famous ones (like Chimay-Red), it is still vulnerable to "man-in-the-middle" attacks if using unprotected connections.
Version 6.47.10 predates the mandatory prompt for administrators to change the default blank "admin" password, a major vector for brute-force attacks. Recommendations mikrotik 6.47.10 exploit
: Move the WinBox port (8291) to a non-standard number to avoid automated bot scanners. : Older versions of the WinBox protocol (port
: If you don't use SCEP, make sure it is not configured. Go to /ip service and disable any management interfaces (WebFig, WinBox, Telnet) that aren't strictly necessary. mikrotik 6.47.10 exploit
Do you need a the hardening of your firewall?
Is your router with a public IP?