目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2026-33802— Junos OS EX系列未授权执行CLI命令漏洞

CVSS 5.5 · Medium

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2026-33802の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Junos OS: EX Series: Unauthorized users can execute service-impacting CLI command
ソース: NVD (National Vulnerability Database)
脆弱性説明
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service (DoS). On EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400 switches, an authenticated, local attacker with no specific permissions or class can execute a specific, privileged CLI 'request' command which will cause complete traffic impact until the system automatically recovers. This issue affects Junos OS on EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400: * 23.2R2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S8, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S3, * 25.2 versions before 25.2R2, * 25.4 versions before 25.4R1-S1.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
授权机制缺失
ソース: NVD (National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
Juniper NetworksJunos OS 23.2R2 ~ 23.2R2-S6 -

II. CVE-2026-33802の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2026-33802のインテリジェンス情報

登录查看更多情报信息。

CVE-2026-33802 厂商安全公告 (1)

Same Patch Batch · Juniper Networks · 2026-07-09 · 22 CVEs total

CVE-2026-570267.5 HIGHJunos OS: MX Series with SPC3, SRX Series: Processing of a specifically malformed SIP invi
CVE-2026-570237.5 HIGHJunos OS: MX with SPC3, SRX Series: A specifically malformed TCP packet causes a flowd cra
CVE-2026-570287.3 HIGHJunos OS Evolved: A port which has been inadvertently exposed can be reached by an attacke
CVE-2026-570326.5 MEDIUMJunos OS: EX Series: Subscribing to an unsupported telemetry sensor path causes fxpc proce
CVE-2026-338006.5 MEDIUMJunos OS: MX Series: In a VC scenario a high rate of micro-BFD session flaps will cause an
CVE-2026-338016.5 MEDIUMJunos OS and Junos OS Evolved: When a specifically malformed BGP route update is received
CVE-2026-338036.5 MEDIUMJunos OS Evolved: A port which has been inadvertently exposed can be reached by an attacke
CVE-2026-570196.5 MEDIUMJunos OS: MX Series: Specific traffic causes an FPC to reset
CVE-2026-570206.5 MEDIUMJunos OS: QFX10000 Series: IPv6 multicast traffic received on non-IRB interfaces causes a
CVE-2026-570276.5 MEDIUMJunos OS: EX4100 Series, EX4400: With sFlow configured in a VC scenario multicast traffic
CVE-2026-570225.9 MEDIUMJunos OS: MX Series with SPC3, SRX Series: Specific packet in response to a TCP connection
CVE-2026-570305.9 MEDIUMJunos OS: SRX Series: Flow sessions are not getting cleared leading to a DoS
CVE-2026-337945.9 MEDIUMJunos OS Evolved: PTX Series: Receipt of repeated ECMP routing updates results in PFE cras
CVE-2026-570545.8 MEDIUMJunos OS: MX Series: Web filtering doesn't block specifically formatted URLs
CVE-2026-570255.5 MEDIUMJunos OS and Junos OS Evolved: EX Series, QFX Series, MX Series: A specific 'show l2-learn
CVE-2026-570245.3 MEDIUMJunos OS: MX with SPC3, SRX Series: Repeated VPN negotiation failures will eventually caus
CVE-2026-570215.3 MEDIUMJunos OS: SRX Series: If VPN compliance-check is configured an attacker can cause http-gk
CVE-2026-570295.3 MEDIUMJunos OS Evolved: QFX Series: When sFlow collector reachability changes evo-pfemand proces
CVE-2026-570314.7 MEDIUMJunos OS: MX Series: For subscribers configured on static interfaces, input filters are no
CVE-2026-219014.4 MEDIUMJunos OS and Junos OS Evolved: Configuration of a specific SSH option results in mgd crash

Showing 20 of 22 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2026-33802へのコメント

まだコメントはありません


コメントを残す