CVE-2024-54952

MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads to a Remote Denial of Service (DoS), rendering the SMB service unavailable.
Configurations

No configuration.

History

30 May 2025, 16:31

Type Values Removed Values Added
Summary
  • (es) En MikroTik RouterOS 6.40.5, el servicio SMB presenta una vulnerabilidad de corrupción de memoria. Atacantes remotos no autenticados pueden explotar este problema enviando paquetes especialmente manipulados, lo que provoca una desreferencia de puntero nulo. Esto provoca una denegación de servicio remota (DoS), lo que deja el servicio SMB indisponible.

29 May 2025, 21:15

Type Values Removed Values Added
CWE CWE-476
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

29 May 2025, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-29 20:15

Updated : 2025-05-30 16:31


NVD link : CVE-2024-54952

Mitre link : CVE-2024-54952

CVE.ORG link : CVE-2024-54952


JSON object : View

Products Affected

No product.

CWE
CWE-476

NULL Pointer Dereference