- GitLab has patched a critical vulnerability, allowing continuous integration and continuous deployment (CI/CD) pipelines.
- Juniper Networks smart routers are affected by a critical vulnerability, allowing threat actors to bypass authentication protocols.
- Security researchers have found bad actors exploiting critical vulnerabilities affecting D-Link DIR-859 WiFi routers.
Notable vulnerabilities have recently been found in popular development tools and router hardware, resulting in urgent patches from maintainers and manufacturers. This roundup covers security flaws affecting Juniper Networks’ smart routers, D-Link routers, and GitLab’s CI/CD pipelines, with essential recommendations for mitigating these risks.
Juniper Networks Issues Emergency Patch for Smart Routers
Juniper Networks has issued an emergency patch for a critical vulnerability (CVE-2024-2973) affecting its Session Smart Conductor and Session Smart Routers product lineups. The bug allows network-based attackers to circumvent authentication protocols and gain complete control over systems in high-availability setup configurations.
Juniper Network devices before SSR-5.6.15, SSR-6.1.9-lts, and…
