Weak Password Management Vulnerability in Juniper Networks CTP OS
CVE-2026-33771

9.1CRITICAL

Key Information:

Vendor: Juniper Networks
Status: Ctp Os
Vendor: CVE Published:; 9 April 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-33771?

A vulnerability in the password management system of Juniper Networks CTP OS could allow attackers to exploit weak passwords associated with local user accounts. The system provides an option for administrators to set password complexity requirements; however, these settings are not properly enforced or saved. As a result, administrators may inadvertently allow weak passwords, creating opportunities for unauthorized network-based access. This raises significant security concerns for devices operating with affected versions, specifically 9.2R1 and 9.2R2, as attackers may utilize these predictable passwords to gain control over the device.

Affected Version(s)

CTP OS 9.2R1 <= 9.2R2

References

https://kb.juniper.net/JSA107864

vendor-advisory

CVSS V4

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2026
Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-33771 Data

JSON