Skip to main content

Junos OS EX Series CVE-2026-33802

| EUVDEUVD-2026-42703 MEDIUM
Missing Authorization (CWE-862)
2026-07-09 juniper GHSA-4c4g-46p8-24mq
6.8
CVSS 4.0 · Vendor: juniper
Share

Severity by source

Vendor (juniper) PRIMARY
6.8 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X
vuln.today AI
5.5 MEDIUM

Local CLI access required (AV:L), any authenticated account suffices (PR:L), and impact is purely availability disruption with no confidentiality or integrity effect (C:N/I:N/A:H).

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (juniper).

CVSS VectorVendor: juniper

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Patch available
Jul 09, 2026 - 23:02 EUVD
CVSS changed
Jul 09, 2026 - 22:22 NVD
5.5 (MEDIUM) 6.8 (MEDIUM)
Analysis Generated
Jul 09, 2026 - 22:12 vuln.today

DescriptionCVE.org

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service (DoS).

On EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400 switches, an authenticated, local attacker with no specific permissions or class can execute a specific, privileged CLI 'request' command which will cause complete traffic impact until the system automatically recovers.

This issue affects Junos OS on EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400:

  • 23.2R2 versions before 23.2R2-S6,
  • 23.4 versions before 23.4R2-S8,
  • 24.2 versions before 24.2R2-S4,
  • 24.4 versions before 24.4R2-S3,
  • 25.2 versions before 25.2R2,
  • 25.4 versions before 25.4R1-S1.

AnalysisAI

Junos OS on Juniper EX Series access switches exposes a missing authorization flaw in the CLI that allows any locally authenticated user, regardless of privilege class or assigned permissions, to execute a specific privileged 'request' command and cause complete traffic disruption on the affected switch. Affected platforms span EX2300, EX4000, EX4100, EX4300-MP, and EX4400 across six active Junos OS release trains from 23.2 through 25.4. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain any valid local Junos OS account
Delivery
Authenticate to CLI on affected EX switch
Exploit
Execute specific privileged 'request' command
Execution
Missing authorization check bypassed
Persist
Complete traffic disruption triggered
Impact
System auto-recovers after interval

Vulnerability AssessmentAI

Exploitation The attacker must have local, authenticated CLI access to an affected EX Series switch (EX2300, EX4000, EX4100, EX4300-MP, or EX4400) running a vulnerable Junos OS version in the 23.2R2 through 25.4 release trains. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 score of 5.5 (Medium) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H accurately reflects the attack profile: local access is required (AV:L), complexity is low (AC:L), and only low-privilege authentication is needed (PR:L). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with any valid local Junos OS account on an affected EX Series switch - including a low-privilege monitoring or read-only account - logs into the CLI and executes a specific privileged 'request' command. Because the authorization check is absent, the command executes without restriction, immediately causing complete traffic disruption across the switch until the system automatically recovers. …
Remediation The primary fix is to upgrade to a corrected Junos OS release for the applicable train: 23.2R2-S6 or later, 23.4R2-S8 or later, 24.2R2-S4 or later, 24.4R2-S3 or later, 25.2R2 or later, or 25.4R1-S1 or later. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-57026 HIGH
8.7 Jul 09

Denial-of-service in Juniper Networks Junos OS on MX Series (with SPC3) and SRX Series devices allows an unauthenticated

CVE-2026-57023 HIGH
8.7 Jul 09

Remote denial of service in Juniper Networks Junos OS on MX Series (with SPC3) and SRX Series firewalls lets an unauthen

CVE-2026-57022 HIGH
8.2 Jul 09

Denial-of-service in the Packet Forwarding Engine (PFE) of Juniper Junos OS on MX (with SPC3) and SRX-series firewalls l

CVE-2026-57030 HIGH
8.2 Jul 09

Denial-of-service in Juniper Networks Junos OS on SRX Series devices lets an unauthenticated, network-based attacker exh

CVE-2026-57032 HIGH
7.1 Jul 09

Denial-of-service in Juniper Networks Junos OS on EX Series switches (EX2300, EX3400, EX4000, EX4100, EX4400) lets a low

CVE-2026-57027 HIGH
7.1 Jul 09

Denial-of-service in Juniper Junos OS on EX4100 and EX4400 Series switches allows an unauthenticated adjacent attacker t

CVE-2026-57020 HIGH
7.1 Jul 09

Denial-of-service in Juniper Networks Junos OS on QFX10000 Series switches allows an unauthenticated, adjacent (Layer 2)

CVE-2026-57019 HIGH
7.1 Jul 09

Denial-of-service in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series routers lets an unauth

CVE-2026-57021 MEDIUM
6.9 Jul 09

Out-of-bounds write in the Juniper Networks Junos OS http-gatekeeper (http-gk) process on SRX Series firewalls crashes t

CVE-2026-57024 MEDIUM
6.9 Jul 09

Repeated IKE negotiation failures on Juniper Junos OS (MX with SPC3 and SRX Series) cause a peer index rollover that ass

CVE-2026-57054 MEDIUM
6.9 Jul 09

Web filtering bypass on Juniper Networks Junos OS MX Series exposes downstream resources to unauthenticated network atta

CVE-2026-57025 MEDIUM
6.8 Jul 09

Denial-of-service in Juniper Networks Junos OS and Junos OS Evolved on EX Series, QFX Series, and MX Series allows a loc

Share

CVE-2026-33802 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy