6551 matches found
CVE-2026-33785
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, ca...
CVE-2026-33784
A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...
CVE-2026-33784 JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access
A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...
CVE-2026-33784 JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access
A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...
CVE-2026-33781 Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service DoS. On EX4k, and QFX5k platforms configur...
CVE-2026-33776
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information. A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensitive...
CVE-2026-33774 Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are not in effect
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the configured firewall filter and access the control-plane of the device. On MX platform...
CVE-2026-33771
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...
CVE-2026-33771
CVE-2026-33771 affects Juniper CTP OS (CTP OS) and its password management function, where password complexity requirements configured in the admin menu are not saved, allowing weak passwords. This could enable an unauthenticated, network-based attacker to exploit weak local passwords and potenti...
CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...
CVE-2026-33797
An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...
CVE-2026-33773 Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied
An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...
CVE-2026-33773
An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...
CVE-2026-21915
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...
CVE-2026-21915 JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...
CVE-2025-59969
creationtimestamp| type| source ---|---|--- 2026-04-09 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410...
CVE-2026-21919
creationtimestamp| type| source ---|---|--- 2026-04-09 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410...
CVE-2022-24805
creationtimestamp| type| source ---|---|--- 2026-04-09 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410...
CVE-2026-33773
creationtimestamp| type| source ---|---|--- 2026-04-09 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 2026-04-09 22:42:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj3uxsvmnn2q...
CVE-2026-33781
creationtimestamp| type| source ---|---|--- 2026-04-09 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410...