Security News > 2025 > February > Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
2025-02-18 12:18
Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3. "An Authentication Bypass Using an Alternate Path or
News URL
https://thehackernews.com/2025/02/juniper-session-smart-routers.html
Related news
- Juniper patches critical auth bypass in Session Smart routers (source)
- Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers (source)
- Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- Juniper enterprise routers backdoored via “magic packet” malware (source)
- Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet (source)
- Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software (source)
- PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) (source)
- Hackers exploit authentication bypass in Palo Alto Networks PAN-OS (source)