Juniper Networks Jsi Lwc vulnerabilities
2 known vulnerabilities affecting juniper_networks/jsi_lwc.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-33784P2CRITICALCVSS 9.8fixed in 3.0.942026-04-09
CVE-2026-33784 [CRITICAL] CWE-1393 CVE-2026-33784: A Use of Default Password vulnerability in the Juniper Networks Support Insights (JSI) Virtual L
A Use of Default Password vulnerability in the Juniper Networks
Support Insights (JSI)
Virtual Lightweight Collector (vLWC) allows an unauthenticated, network-based attacker to take full control of the device.
vLWC software images ship with an initial password for a high privileged account. A change of this password is not enforced during the prov
nvd
CVE-2026-21915P3MEDIUMCVSS 6.7fixed in 3.0.942026-04-09
CVE-2026-21915 [MEDIUM] CWE-183 CVE-2026-21915: A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JS
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows a local, high privileged attacker to escalate their privileges to root.
The CLI menu accepts input without carefully validating it, which allows for shell command injection. These shell commands are exec
nvd