CVE-2026-33802 in Junos OS
Summary
by MITRE • 07/10/2026
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service (DoS).
On EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400 switches, an authenticated, local attacker with no specific permissions or class can execute a specific, privileged CLI 'request' command which will cause complete traffic impact until the system automatically recovers.
This issue affects Junos OS on EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400:
* 23.2R2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S8, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S3, * 25.2 versions before 25.2R2, * 25.4 versions before 25.4R1-S1.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 07/10/2026
This vulnerability represents a critical authorization flaw in Juniper Networks Junos OS affecting multiple EX Series switch models including EX2300, EX4000, EX4100, EX4300-MP, and EX4400 devices. The issue stems from insufficient access controls within the command line interface that allows any authenticated local user to execute privileged commands without proper authorization checks. This missing authorization mechanism creates a path for privilege escalation and system disruption that directly violates fundamental security principles of least privilege and access control enforcement.
The technical exploitation occurs through a specific privileged CLI 'request' command that can be invoked by any local authenticated user regardless of their assigned permissions or class membership. This command triggers a system-level denial-of-service condition that completely disrupts network traffic flow until automatic recovery mechanisms are triggered. The vulnerability operates at the operational level of the Junos OS, targeting the command processing subsystem where authentication checks should prevent unauthorized execution of privileged operations. From a cybersecurity perspective, this represents a classic case of inadequate input validation and access control enforcement that enables unauthorized system manipulation.
The operational impact of this vulnerability extends beyond simple service disruption to potentially compromise network availability and integrity across affected deployments. When exploited, the denial-of-service condition affects all traffic passing through the impacted switch, creating network outages that can span entire data center or campus network segments depending on the switch role within the topology. The recovery process requires system restart or manual intervention, causing extended downtime that can impact business operations and service level agreements. Network administrators may experience cascading failures if multiple switches in a deployment are affected, particularly in redundant or clustered environments where the DoS condition can propagate across interconnected devices.
This vulnerability aligns with CWE-284 (Improper Access Control) and represents a significant weakness in the Junos OS security model that allows local privilege escalation through unauthorized command execution. The ATT&CK framework categorizes this under privilege escalation techniques where adversaries leverage insufficient access controls to gain elevated system privileges. Organizations should immediately implement the vendor-provided patches for affected versions, ensuring all systems are updated to the latest service releases. Network segmentation strategies should be considered to limit local access to critical network infrastructure, and monitoring should be enhanced to detect unauthorized CLI command execution patterns. Additionally, implementing role-based access controls and regular security audits can help identify potential exploitation attempts while maintaining operational visibility into system command usage across authenticated user sessions.
The affected versions demonstrate a pattern of vulnerability persistence across multiple Junos OS release branches, indicating that the authorization flaw existed for extended periods without proper remediation. Organizations should conduct comprehensive inventory assessments to identify all affected switch models and prioritize patching based on network criticality and risk exposure. The vulnerability affects both legacy and newer releases, emphasizing the importance of maintaining current security patches and conducting regular vulnerability assessments across all network infrastructure components. Regular security training for network administrators regarding proper access control practices and monitoring for anomalous command execution patterns should be implemented as part of comprehensive cybersecurity defense strategies.