CVE-2024-54952

MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads to a Remote Denial of Service (DoS), rendering the SMB service unavailable.
References
Configurations

Configuration 1 (hide)

cpe:2.3:o:mikrotik:routeros:6.40.5:*:*:*:-:*:*:*

History

30 Jun 2025, 14:46

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-29 20:15

Updated : 2025-06-30 14:46


NVD link : CVE-2024-54952

Mitre link : CVE-2024-54952

CVE.ORG link : CVE-2024-54952


JSON object : View

Products Affected

mikrotik

  • routeros
CWE
CWE-476

NULL Pointer Dereference