Authentication Bypass Vulnerability in MikroTik RouterOS
CVE-2024-54772

5.4MEDIUM

Key Information:

Vendor

MikroTik

Status
RouterOS
Vendor
CVE Published:
11 February 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2024-54772?

MikroTik RouterOS, specifically versions v6.43 to v7.16.1, is susceptible to an account enumeration vulnerability found in the Winbox service. The flaw arises from an inconsistency in response times when connecting with valid versus invalid usernames, enabling attackers to ascertain valid accounts through timing discrepancies. This exploit could serve as a gateway for further attacks, making it essential for administrators to review and enhance their security measures to mitigate potential risks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-54772
Created by deauther890

References

https://github.com/deauther890/CVE-2024-54772

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability Reserved

.