41 matches found
EUVD-2025-206381
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router: from 5.6.7 before 5.6.17, from...
CVE-2025-21589
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router: from 5.6.7 before 5.6.17, from...
CVE-2025-21589 Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router: from 5.6.7 before 5.6.17, from...
CVE-2025-21589
CVE-2025-21589 is an API authentication bypass vulnerability in Juniper Networks Session Smart Router, Session Smart Conductor, and WAN Assurance Routers. A network-based attacker could bypass authentication and gain administrative control. Affected versions include Session Smart Router: 5.6.7–5....
Several products of Juniper Networks have security vulnerabilities
Juniper Networks Session Smart Conductor is a product of the American company Juniper Networks. Juniper Networks Session Smart Conductor is a centralized management and control platform for wide-area network architectures. Juniper Networks Session Smart Router is a software-based intelligent...
EUVD-2021-18259
Malware in sbrugna...
EUVD-2024-27913
Malicious code in bioql PyPI...
CVE-2021-37273
A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450EPON ONU 3.0. Tianyi Gateway is a hardware terminal of "Optical Modem Smart Router." Attackers can use this vulnerability to restart the device multiple times...
TOTOLINK A950RG NoticeUrl Parameter Arbitrary Command Execution Vulnerability
TOTOLINK A950RG is a gaming router and smart router that supports 2.4GHz and 5GHz dual band. The TOTOLINK A950RG suffers from a command execution vulnerability that originates from the NoticeUrl parameter in the setNoticeCfg function, which can be exploited by an attacker to execute arbitrary...
Vulnerability fixed in Juniper Session Smart Router
Juniper has fixed a vulnerability in the Session Smart Router. The vulnerability allows a malicious person to access and thus take over the vulnerable system without prior authentication. Juniper has released updates to fix the vulnerability. See attached references for more information...
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589 , the vulnerability carries a...
PT-2025-6925
Name of the Vulnerable Software and Affected Versions Juniper Networks Session Smart Router versions 5.6.7 through 5.6.16 Juniper Networks Session Smart Router versions 6.0.8 Juniper Networks Session Smart Router versions 6.1 through 6.1.11-lts Juniper Networks Session Smart Router versions 6.2...
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Juniper Networks is warning that Session Smart Router SSR products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The company said it's issuing the advisory after "several customers" reported anomalous behavior on their Session Sma...
D-Link G416 flpl pythonapp command injection remote code execution vulnerability
The D-Link G416 is the AX1500 4G+ Smart Router launched by AUO in June 2025 and supports Wi-Fi 6, AI Smart Optimization and 4G LTE Cat 6 network with up to 300Mbps internet speed. The D-Link G416 suffers from a command injection remote code execution vulnerability, which stems from the flpl...
Juniper Networks Releases Critical Security Update for Routers
Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. "An Authentication Bypass Usin...
Vulnerability fixed in Juniper Session Smart Router
Juniper has fixed a vulnerability in Session Smart Router SSR. SSR is a software router application for SD-WAN systems. An unauthenticated malicious person with access to the infrastructure can exploit the vulnerability to access and take over the system. The limiting condition, however, is that...
CVE-2024-2973
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running i...
CVE-2024-2973
CVE-2024-2973 affects Juniper Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router when deployed in High-Availability redundant configurations. The vulnerability is an Authentication Bypass via an alternate path or channel that lets a network-based attacker bypass authent...
CVE-2024-2973 Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running i...
Session Smart Router Security Vulnerability
Session Smart Router is Juniper's designed to provide users with a superior connectivity experience, the router is built on an application-aware and zero-trust secure network architecture that meets the most stringent enterprise performance, security and availability requirements. A security...