Home / Vulnerability Intelligence / CVE-2024-27686

CVE-2024-27686 - Vulnerability Analysis

HighCVSS: 7.5

Last Updated: May 8, 2026

Mikrotik RouterOS - Denial of Service

Published: May 8, 2026Updated: May 8, 2026PoC AvailableRemote Exploitable

Overview

Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 contains a denial of service caused by crafted packet data in the SMB service on TCP port 445, letting remote attackers crash the device, exploit requires network access to TCP port 445.

Severity & Score

Severity: High

CVSS Score: 7.5

Impact

Remote attackers can crash the device, causing denial of service.

Mitigation

Update to version 7 or later.

References

https://github.com/ice-wzl/RouterOS-SMB-DOS-POC
https://www.exploit-db.com/exploits/51931

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2024-27686
Severity: High
CVSS Score: 7.5
Type: denial_of_service
Status: unconfirmed

CWE

CWE-400

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H