CVE-2026-33791: OS Command Injection in Juniper Networks Junos OS

Severity: 8.4 HIGH (NVD)
EPSS: 0.1% (top 81.75%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 9; latest update Apr 10

Description

An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the system. Certain 'set system' commands, when executed with crafted arguments, are not properly sanitized, allowing for arbitrary shell injection. These shell commands are executed as root, potentially allowing for complete c

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L

Affected Packages (2 packages)

CVEListV5  juniper_networks/junos_os_evolved  23.2  23.2R2-S5-EVO  +5
CVEListV5  juniper_networks/junos_os  23.2  23.2R2-S5  +5

Vulnerability Details (3)

VulDB: Juniper Junos OS/Junos OS Evolved CLI os command injection (JSA107875) (2026-04-10)
GHSA: GHSA-j4rr-c2v3-296r: An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker (2026-04-10)
CVEList: Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as root (2026-04-09)