Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
18 February 2025
Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices.
Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3.
"An Authentication Bypass Using an Alternate Path or