Incorrect Initialization of Resource Vulnerability in Junos OS on Juniper Networks Devices
CVE-2026-33773

6.9MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 April 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-33773?

An Incorrect Initialization of Resource vulnerability in the packet forwarding engine of Junos OS allows an unauthenticated network-based attacker to manipulate traffic handling on certain EX and QFX Series devices. When both family inet and inet6 filters are applied to an IRB and a physical interface as egress filters, conflicts can arise, leading to unintended traffic flowing through an interface that should be blocked. This flaw impacts versions 23.4R2-S6 and 24.2R2-S3 specifically.

Affected Version(s)

Junos OS EX Series 23.4R2-S6 < 23.4R2-S7

Junos OS EX Series 24.2R2-S3 < 24.2R2-S4

References

https://kb.juniper.net/JSA107815

vendor-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2026
Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-33773 Data

JSON