CVE-2024-27686

HIGH

Mikrotik RouterOS 6.40.5-6.49.10 - DoS

Exploitation Summary

EIP tracks 3 public exploits for CVE-2024-27686. PoCs published by ice-wzl, ThemeHackers.

AI-analyzed exploit summary: This Python script exploits CVE-2024-27686, a denial-of-service (DoS) vulnerability in the MikroTik RouterOS SMB service. It sends malformed SMB packets to crash the service on affected versions (6.40.5-6.44 and 6.48.1-6.49.10).

Description

Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445.

Exploits (3)

exploitdb · WORKING POC
by ice-wzl · python · dos · hardware
https://www.exploit-db.com/exploits/51931

This Python script exploits CVE-2024-27686, a denial-of-service (DoS) vulnerability in the MikroTik RouterOS SMB service. It sends malformed SMB packets to crash the service on affected versions (6.40.5-6.44 and 6.48.1-6.49.10).

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: MikroTik RouterOS 6.40.5-6.44 and 6.48.1-6.49.10
No auth needed
Prerequisites: Network access to the target's SMB port (default 445)
devstral-2 · analyzed May 08, 2026

github · WORKING POC · 3 stars
by ThemeHackers · python · poc
https://github.com/ThemeHackers/CVE-2024-27686

This repository contains a functional Python exploit for CVE-2024-27686, a RouterOS SMB Denial of Service (DoS) vulnerability. The exploit sends crafted SMB packets to trigger the DoS condition, with support for proxy lists and multiple RouterOS versions.

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: MikroTik RouterOS versions 6.40.5-6.44 and 6.48.1-6.49.10
No auth needed
Prerequisites: Network access to target SMB port (445) · Python 3 with pysocks library
devstral-2 · analyzed May 08, 2026

gitlab · WORKING POC
by ThemeHackers · poc
https://gitlab.com/ThemeHackers/CVE-2024-27686

This repository contains a functional Python exploit for CVE-2024-27686, a RouterOS SMB Denial of Service (DoS) vulnerability. The exploit sends crafted SMB packets to trigger the DoS condition, with support for proxy lists and multiple RouterOS versions.

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: MikroTik RouterOS versions 6.40.5-6.44 and 6.48.1-6.49.10
No auth needed
Prerequisites: Network access to target SMB port (445) · Python 3 with pysocks library
devstral-2 · analyzed May 08, 2026

Scores

CVSS v3: 7.5
EPSS: 0.0059
EPSS Percentile: 43.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-400
Status: published
Published: May 08, 2026
Tracked Since: May 08, 2026