Skip to main content

Juniper EUVDEUVD-2026-21204

| CVE-2026-33785 MEDIUM
Missing Authorization (CWE-862)
2026-04-09 sirt@juniper.net GHSA-m5fr-cwvv-7qff
6.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
6.3 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
24.4R2-S3,25.2R2
EUVD ID Assigned
Apr 09, 2026 - 22:22 euvd
EUVD-2026-21204
Analysis Generated
Apr 09, 2026 - 22:22 vuln.today
CVE Published
Apr 09, 2026 - 22:16 nvd
MEDIUM 6.3

DescriptionCVE.org

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices.

Any user logged in, without requiring specific privileges, can issue 'request csds' CLI operational commands. These commands are only meant to be executed by high privileged or users designated for Juniper Device Manager (JDM) / Connected Security Distributed Services (CSDS) operations as they will impact all aspects of the devices managed via the respective MX.

This issue affects Junos OS on MX Series:

  • 24.4 releases before 24.4R2-S3,
  • 25.2 releases before 25.2R2.

This issue does not affect Junos OS releases before 24.4.

AnalysisAI

Juniper Networks Junos OS on MX Series allows authenticated local users with low privileges to execute 'request csds' CLI commands intended only for high-privileged administrators or CSDS operators, enabling complete compromise of managed devices. The vulnerability affects Junos OS 24.4 releases before 24.4R2-S3 and 25.2 releases before 25.2R2. No public exploit code or active exploitation has been identified at time of analysis, though the CVSS score of 6.3 reflects moderate severity with high system impact.

Technical ContextAI

This vulnerability is a missing authorization flaw (CWE-862) in Juniper's CLI implementation on MX Series routers. The 'request csds' operational commands are designed to manage Connected Security Distributed Services-a critical system for orchestrating security services across managed devices-yet the CLI parser fails to enforce privilege-level checks before accepting these commands. Authenticated users with low privileges (PR:L per CVSS:4.0) can interact directly with the CLI interface (AV:L, local attack vector) without satisfying the elevated role requirements that should gate access to infrastructure management operations. The issue affects Junos OS versions 24.4R0 through 24.4R2-S3 and 25.2R0 through 25.2R2, with earlier Junos OS releases unaffected.

RemediationAI

Vendors should apply the security patches immediately: upgrade Junos OS 24.4 systems to 24.4R2-S3 or later, and upgrade Junos OS 25.2 systems to 25.2R2 or later. Organizations unable to patch immediately should implement network-level access controls to restrict local console and SSH access to MX Series routers to authorized administrators only, and monitor CLI audit logs for 'request csds' command execution by non-administrative accounts. Consult Juniper Security Advisory JSA107872 (https://kb.juniper.net/JSA107872) for detailed patch availability and deployment guidance.

CVE-2015-7755 CRITICAL POC
9.8 Dec 19

Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r

CVE-2025-21590 MEDIUM
6.7 Mar 12

A security vulnerability in An Improper (CVSS 6.7) that allows a local attacker with high privileges. Risk factors: acti

CVE-2023-36845 CRITICAL POC
9.8 Aug 17

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series all

CVE-2013-6618 CRITICAL POC
9.0 Nov 05

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3,

CVE-2017-10622 CRITICAL
9.8 Oct 13

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote un

CVE-2018-20193 HIGH POC
8.8 Dec 21

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by

CVE-2014-6380 HIGH POC
7.8 Oct 14

Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 befor

CVE-2021-0253 HIGH POC
7.8 Apr 22

NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby al

CVE-2021-0252 HIGH POC
7.8 Apr 22

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allow

CVE-2019-0053 HIGH POC
7.8 Jul 11

Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffe

CVE-2023-22415 HIGH POC
7.5 Jan 13

An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-ba

CVE-2022-22223 HIGH POC
7.5 Oct 18

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (P

Share

EUVD-2026-21204 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy