What is CVE-2026-33791?

CVE-2026-33791 is a medium-severity vulnerability in Juniper Networks Junos Os, classified under OS Command Injection. CVSS score: 6.7/10. Published 2026-04-09.

How severe is CVE-2026-33791?

Medium severity. CVSS v3 base score is 6.7 out of 10.

RCE in Juniper Networks Junos Os

CVE-2026-33791

An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, lea…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.000 (2.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Juniper Networks Junos Os — versions 0, 23.2, 23.4
Juniper Networks Junos Os Evolved — versions 0, 23.2, 23.4

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

kb.juniper.net/JSA107875 (vendor-advisory)
supportportal.juniper.net/JSA107875 (vendor-advisory)

Frequently asked questions

What is CVE-2026-33791?: CVE-2026-33791 is a medium-severity vulnerability in Juniper Networks Junos Os, classified under OS Command Injection. CVSS score: 6.7/10. Published 2026-04-09.
How severe is CVE-2026-33791?: Medium severity. CVSS v3 base score is 6.7 out of 10.