MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads to a Remote Denial of Service (DoS), rendering the SMB service unavailable.
References
Link | Resource |
---|---|
https://github.com/noobone123/RouterOS-issues/blob/main/README.md | Third Party Advisory |
Configurations
History
30 Jun 2025, 14:46
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-29 20:15
Updated : 2025-06-30 14:46
NVD link : CVE-2024-54952
Mitre link : CVE-2024-54952
CVE.ORG link : CVE-2024-54952
JSON object : View
Products Affected
mikrotik
- routeros
CWE
CWE-476
NULL Pointer Dereference