CRITICAL · CVE-2021-31349 · CVSS 9.8

Session Smart Router: Authentication Bypass Vulnerability

Platform: other

Component: 128-technology-session-smart-router

Fixed in: 4.5.11, 5.0.2

AI Confidence: high · NVD · EPSS 0.8% · Reviewed: May 2026

CVE-2021-31349 describes a critical authentication bypass vulnerability discovered in 128 Technology Session Smart Routers. This flaw allows attackers to bypass authentication mechanisms, potentially gaining unauthorized access to sensitive data and control over the device. The vulnerability impacts all versions of the router prior to 4.5.11, and specifically versions 5.0 up to and including 5.0.1. A fix is available in version 4.5.11.

Impact and Attack Scenarios

The authentication bypass vulnerability allows an attacker to exploit a flaw in the router's internal HTTP header handling. Successful exploitation grants the attacker a wide range of capabilities, including the ability to view internal files, modify router settings, manipulate services, and ultimately, execute arbitrary code. This represents a significant security risk, potentially leading to complete compromise of the router and any systems connected to it. The ability to execute arbitrary code means an attacker could install malware, redirect network traffic, or launch further attacks against internal resources. The impact is particularly severe given the router's role as a network gateway.

Exploitation Context

CVE-2021-31349 was publicly disclosed on October 19, 2021. While no active exploitation campaigns have been definitively confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. The vulnerability has not been added to the CISA KEV catalog as of this writing. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature and the lack of robust authentication controls.

Who Is at Risk

Organizations relying on 128 Technology Session Smart Routers as their primary network gateway are at significant risk. This includes small to medium-sized businesses, remote offices, and any environment where the router is exposed to the internet without adequate security controls. Shared hosting environments utilizing these routers are particularly vulnerable due to the potential for cross-tenant exploitation.

Detection Steps

• linux / server: Monitor router logs (e.g., /var/log/router.log) for unusual HTTP requests or authentication attempts from unauthorized IP addresses. Use journalctl -u router to filter for authentication-related events.
• generic web: Use curl -I <router_ip> to check for unexpected HTTP headers or responses indicating unauthorized access.
• windows / supply-chain: (Less applicable, but if router management is accessed via Windows) Monitor PowerShell execution logs for suspicious commands related to router configuration or file access.

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

0.75% (percentile 73%)

CVSS Vector

Threat Intelligence · CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base score 9.8 (CRITICAL), nextguardhq.com · CVSS v3.1 base score

What do these metrics mean?

Attack Vector: Network. Remotely exploitable over the internet; no physical or local access required.
Attack Complexity: Low. No special conditions required; reliably exploitable.
Privileges Required: None. Unauthenticated; no credentials required to exploit.
User Interaction: None. Automatic and silent attack; the victim does nothing.
Scope: Unchanged. Impact limited to the vulnerable component.
Confidentiality: High. Total loss of confidentiality; the attacker can read all data.
Integrity: High. The attacker can write, modify or delete all data.
Availability: High. Complete outage or resource exhaustion; total denial of service.

Affected Software

Component: 128-technology-session-smart-router
Vendor: Juniper Networks

Affected range          Fixed in
unspecified – 4.5.10    4.5.11
5.0 – 5.0.1             5.0.2

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2021-31349 is to upgrade the 128 Technology Session Smart Router to version 4.5.11 or later. If an immediate upgrade is not feasible due to compatibility concerns or system downtime requirements, consider implementing temporary workarounds. While no direct WAF rules can prevent this, strict access control lists (ACLs) limiting access to the router's management interface from untrusted networks can reduce the attack surface. Regularly review router configurations and disable any unnecessary services to minimize potential impact. After upgrading, verify the fix by attempting to access internal files or router settings without proper authentication.

How to Fix

Update the Session Smart Router to version 4.5.11 or later, or to a version later than 5.0.1, to fix the authentication bypass vulnerability. This prevents attackers from accessing internal files, modifying configurations, manipulating services and executing arbitrary code.
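To turn the affected-range table on this page into something that can be run against a fleet inventory, here is an added example (not code from this page or from Juniper): it encodes the two ranges listed above and reports which hosts still need the upgrade and to which release. The hostnames in the inventory are constructed, and version strings are assumed to be plain dotted numerics with up to three components.

```python
import re
from typing import List, Optional, Tuple

# Affected ranges as listed in the advisory table on this page:
# (inclusive lower bound or None, first fixed release). A version is affected
# when lower <= version < fixed; the fixed release is the upgrade target.
AFFECTED_RANGES: List[Tuple[Optional[str], str]] = [
    (None, "4.5.11"),   # unspecified – 4.5.10, fixed in 4.5.11
    ("5.0", "5.0.2"),   # 5.0 – 5.0.1, fixed in 5.0.2
]


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse a dotted numeric version ('4.5', '5.0.1') into a 3-tuple, padding
    missing components with 0 so that '5.0' compares equal to '5.0.0'."""
    text = text.strip()
    if not re.fullmatch(r"\d+(?:\.\d+){0,2}", text):
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (3 - len(parts))


def assess(version: str) -> dict:
    """Classify one router version against the advisory's affected ranges."""
    v = parse_version(version)
    for low, fixed in AFFECTED_RANGES:
        above_lower = low is None or parse_version(low) <= v
        if above_lower and v < parse_version(fixed):
            return {"version": version, "affected": True, "upgrade_to": fixed}
    return {"version": version, "affected": False, "upgrade_to": None}


# Constructed sample inventory (hypothetical hostnames, not real devices).
INVENTORY = [
    ("ssr-branch-01", "4.5.10"),
    ("ssr-branch-02", "4.5.11"),
    ("ssr-dc-01", "5.0.1"),
    ("ssr-dc-02", "5.0.2"),
    ("ssr-lab-01", "4.5"),
]


def affected_hosts(inventory):
    """Return (host, version, upgrade_to) for every host still on an affected release."""
    out = []
    for host, ver in inventory:
        result = assess(ver)
        if result["affected"]:
            out.append((host, ver, result["upgrade_to"]))
    return out


if __name__ == "__main__":
    for host, ver, fix in affected_hosts(INVENTORY):
        print(f"{host}: {ver} is affected by CVE-2021-31349, upgrade to {fix}")
```

A version outside both listed ranges (for example a hypothetical 4.6.x) is reported as not affected only because the page lists no such range; confirm against the vendor advisory before treating it as safe.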


Frequently Asked Questions

What is CVE-2021-31349 — Authentication Bypass in 128 Technology Router?

CVE-2021-31349 is a critical authentication bypass vulnerability affecting 128 Technology Session Smart Routers, allowing unauthorized access and code execution.

Am I affected by CVE-2021-31349 in 128 Technology Router?

If you are using a 128 Technology Session Smart Router on a version prior to 4.5.11, or on a 5.0 release up to and including 5.0.1, you are potentially affected by this vulnerability.

How do I fix CVE-2021-31349 in 128 Technology Router?

Upgrade your 128 Technology Session Smart Router to version 4.5.11 or later to remediate the vulnerability. Consider temporary workarounds if immediate upgrade is not possible.

Is CVE-2021-31349 being actively exploited?

While no confirmed active exploitation campaigns are publicly known, the vulnerability's critical severity makes it a likely target for attackers.

Where can I find the official 128 Technology advisory for CVE-2021-31349?

Refer to the Juniper Networks security advisory for CVE-2021-31349: https://www.juniper.net/us/en/support/security/cve-details/CVE-2021-31349/
