PT-2026-31807 · Juniper Networks · Junos Evolved, Junos

Published 2026-04-09 · Updated 2026-04-09 · CVE-2026-33791

CVSS v3.1: 6.7 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS versions prior to 22.4R3-S8, from 23.2 before 23.2R2-S5, from 23.4 before 23.4R2-S7, from 24.2 before 24.2R2-S2, from 24.4 before 24.4R2, and from 25.2 before 25.2R2.

Juniper Networks Junos OS Evolved versions prior to 22.4R3-S8-EVO, from 23.2 before 23.2R2-S5-EVO, from 23.4 before 23.4R2-S7-EVO, from 24.2 before 24.2R2-S2-EVO, from 24.4 before 24.4R2-EVO, and from 25.2 before 25.2R1-S1-EVO, 25.2R2-EVO.

Description

An OS Command Injection issue exists in the CLI processing of Junos OS and Junos OS Evolved. A local, high-privileged attacker executing specific, crafted CLI commands can inject arbitrary shell commands as root, potentially leading to a complete system compromise. Certain 'set system' commands, when executed with crafted arguments, are not properly sanitized, allowing for arbitrary shell injection. These shell commands are executed with root privileges.

Recommendations

Update Junos OS to version 22.4R3-S8 or later. Update Junos OS to version 23.2R2-S5 or later. Update Junos OS to version 23.4R2-S7 or later. Update Junos OS to version 24.2R2-S2 or later. Update Junos OS to version 24.4R2 or later. Update Junos OS to version 25.2R2 or later.

Update Junos OS Evolved to version 22.4R3-S8-EVO or later. Update Junos OS Evolved to version 23.2R2-S5-EVO or later. Update Junos OS Evolved to version 23.4R2-S7-EVO or later. Update Junos OS Evolved to version 24.2R2-S2-EVO or later. Update Junos OS Evolved to version 24.4R2-EVO or later. Update Junos OS Evolved to version 25.2R1-S1-EVO or 25.2R2-EVO or later.
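
A fleet check against the fixed Junos OS releases listed above, as an added example that is not from the advisory or from Juniper. The version-string shape, the "unknown" result for trains the advisory does not name, and the sample inventory are assumptions; Junos OS Evolved strings are deliberately not handled.

```python
import re

# First fixed release per Junos OS train, copied from the advisory text:
# (major, minor) -> (R number, S number); S is 0 when the fix is a plain Rn.
FIXED = {
    (22, 4): (3, 8),  # 22.4R3-S8
    (23, 2): (2, 5),  # 23.2R2-S5
    (23, 4): (2, 7),  # 23.4R2-S7
    (24, 2): (2, 2),  # 24.2R2-S2
    (24, 4): (2, 0),  # 24.4R2
    (25, 2): (2, 0),  # 25.2R2
}
OLDEST_TRAIN = min(FIXED)

# Assumed shape: <major>.<minor>R<n>[-S<n>][.<build>], e.g. 23.4R2-S7 or 22.4R3-S7.4
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def junos_status(version: str) -> str:
    """Return 'affected', 'fixed' or 'unknown' for a Junos OS version string."""
    m = _VERSION.match(version.strip())
    if not m:
        return "unknown"  # EVO builds and other formats need manual review
    major, minor, rel, svc = (int(g) if g else 0 for g in m.groups())
    train = (major, minor)
    if train < OLDEST_TRAIN:
        return "affected"  # "versions prior to 22.4R3-S8"
    if train not in FIXED:
        return "unknown"  # train not named in the advisory
    return "affected" if (rel, svc) < FIXED[train] else "fixed"


def audit(inventory: dict) -> dict:
    """Map each hostname to its status so 'affected' and 'unknown' can be triaged."""
    return {host: junos_status(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed inventory: hostnames and versions are sample values only.
    sample = {
        "edge-rtr-01": "22.4R3-S7.4",
        "core-rtr-02": "23.4R2-S7",
        "lab-sw-03": "21.4R3-S10",
        "dc-rtr-04": "24.2R2-S2-EVO",
    }
    for host, status in audit(sample).items():
        print(f"{host}: {status}")
```

Treat every "unknown" result as needing a manual comparison against the vendor advisory rather than as safe.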

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2026-33791

Affected Products

Junos
Junos Evolved