Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:M/U:X
Primary rating from Vendor (juniper) · only source for this CVE.
CVSS VectorVendor: juniper
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:M/U:X
Lifecycle Timeline
6DescriptionCVE.org
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows a local, high privileged attacker to escalate their privileges to root.
The CLI menu accepts input without carefully validating it, which allows for shell command injection. These shell commands are executed with root permissions and can be used to gain complete control of the system.
This issue affects all JSI vLWC versions before 3.0.94.
AnalysisAI
Command injection in Juniper Networks Support Insights Virtual Lightweight Collector (JSI vLWC) CLI enables local high-privileged attackers to escalate privileges to root. Inadequate input validation in the CLI menu permits shell command injection, with injected commands executing at root level. All JSI vLWC versions before 3.0.94 affected. CVSS 8.4 (High severity, local vector). Requires high-level existing privileges (PR:H). No public exploit identified at time of analysis.
Technical ContextAI
Vulnerability stems from CWE-183 (Permissive List of Allowed Inputs) implementation flaw in CLI menu processing. Shell metacharacters or command sequences bypass input sanitization, enabling arbitrary command execution via insufficient input validation. Commands inherit root context from CLI process, converting local high-privilege access to complete system control. Affects cpe:2.3:a:juniper_networks:jsi_lwc across all pre-3.0.94 releases.
RemediationAI
Vendor-released patch: Upgrade JSI vLWC to version 3.0.94 or later to remediate command injection vulnerability. This version includes corrected input validation logic for CLI menu processing. Organizations unable to immediately upgrade should restrict local administrative access to JSI vLWC systems, enforce multi-factor authentication for high-privilege accounts, and implement monitoring for abnormal CLI activity patterns. No effective workaround exists for environments requiring CLI access; upgrade is mandatory mitigation. Full vendor advisory and technical details: https://kb.juniper.net/JSA106016. Deployment priority should align with local access control posture and presence of high-privileged user accounts.
Same weakness CWE-183 – Permissive List of Allowed Inputs
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-21078
GHSA-r893-59mm-pxrg