PT-2024-2453 · Mikrotik · Routeros

Published

2024-04-01

Updated

2026-05-10

CVE-2024-27686

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Mikrotik RouterOS (x86) versions 6.40.5 through 6.49.10

Description An issue in the processing of input data allows a remote attacker to cause a denial of service, resulting in a device crash. This is achieved by sending crafted packet data to the SMB service on TCP port '445'.

Recommendations Update to version 7.

Exploit

Fix

DoS

Resource Exhaustion

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-20

Related Identifiers

BDU:2024-02431

CVE-2024-27686

Affected Products

Routeros

PT-2024-2453 · Mikrotik · Routeros

CVE-2024-27686

Weakness Enumeration

Related Identifiers

Affected Products

References · 11