2 matches found
CVE-2026-33784
The CVE describes a Use of Default Password in Juniper Networks’ Virtual Lightweight Collector (vLWC) . All vLWC versions before 3.0.94 ship with an initial password for a high-privileged account, and provisioning does not enforce a password change, enabling an unauthenticated, network-based atta...
CVE-2026-21915
The CVE describes a vulnerability in Juniper Networks’ JSI Virtual Lightweight Collector (vLWC). A Permissive List of Allowed Input in the CLI enables local, high-privilege attackers to inject shell commands that run with root permissions, potentially yielding full system control. Affected: all J...