Platform
other
Component
128-technology-session-smart-router
Fixed in
4.5.11
5.0.2
CVE-2021-31349 describes a critical authentication bypass vulnerability discovered in 128 Technology Session Smart Routers. This flaw allows attackers to bypass authentication mechanisms, potentially gaining unauthorized access to sensitive data and control over the device. The vulnerability impacts all versions of the router prior to 4.5.11, and specifically versions 5.0 up to and including 5.0.1. A fix is available in version 4.5.11.
The authentication bypass vulnerability allows an attacker to exploit a flaw in the router's internal HTTP header handling. Successful exploitation grants the attacker a wide range of capabilities, including the ability to view internal files, modify router settings, manipulate services, and ultimately, execute arbitrary code. This represents a significant security risk, potentially leading to complete compromise of the router and any systems connected to it. The ability to execute arbitrary code means an attacker could install malware, redirect network traffic, or launch further attacks against internal resources. The impact is particularly severe given the router's role as a network gateway.
CVE-2021-31349 was publicly disclosed on October 19, 2021. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. The vulnerability has not been added to the CISA KEV catalog as of this writing. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature and the lack of robust authentication controls.
Exploit Status
EPSS
0.75% (73% percentile)
CVSS Vector
The primary mitigation for CVE-2021-31349 is to upgrade the 128 Technology Session Smart Router to version 4.5.11 or later. If an immediate upgrade is not feasible due to compatibility concerns or system downtime requirements, consider implementing temporary workarounds. While no direct WAF rules can prevent this, strict access control lists (ACLs) limiting access to the router's management interface from untrusted networks can reduce the attack surface. Regularly review router configurations and disable any unnecessary services to minimize potential impact. After upgrading, verify the fix by attempting to access internal files or router settings without proper authentication.
Update the Session Smart Router to version 4.5.11 or later, or to a version later than 5.0.1 to correct the authentication bypass vulnerability. This will prevent attackers from accessing internal files, changing configurations, manipulating services, and executing arbitrary code.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2021-31349 is a critical authentication bypass vulnerability affecting 128 Technology Session Smart Routers, allowing unauthorized access and code execution.
If you are using a 128 Technology Session Smart Router with versions prior to 4.5.11, including 5.0.1, you are potentially affected by this vulnerability.
Upgrade your 128 Technology Session Smart Router to version 4.5.11 or later to remediate the vulnerability. Consider temporary workarounds if immediate upgrade is not possible.
While no confirmed active exploitation campaigns are publicly known, the vulnerability's critical severity makes it a likely target for attackers.
Refer to the Juniper Networks security advisory for CVE-2021-31349: [https://www.juniper.net/us/en/support/security/cve-details/CVE-2021-31349/]
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.