Just calling out the good guys at Microtik. They patched their router a year before being notified by Cisco.
As a Mikrotik devote, I love the active development and patches being pushed for their Packages and RouterBoard. If anyone maintains a Mikrotik router and/or switches and hasn't heard about the vulnerability and actively patched their systems, then they're completely at fault and putting themselves and possibly they're companies at risk.
Honest question: how's their GPL compliance these days?
Some info here: https://forum.lede-project.org/t/mikrotik-gpl-source/6750/12
Which led to this repo: https://github.com/robimarko/routeros-GPL