Improper Check for Exceptional Conditions Vulnerability in Juniper Networks Junos OS on MX Series
CVE-2026-33774

6.9MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 April 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-33774?

An improper check vulnerability has been identified in the packet forwarding engine of Juniper Networks' Junos OS on MX Series devices. This weakness allows an unauthenticated network-based attacker to bypass configured firewall filters and directly access the device's control plane. Specifically, when using MPC10, MPC11, LC4800, or LC9600 line cards, firewall filters linked to non-zero loopback interfaces may not execute as intended if those interfaces are configured in the global VRF or default routing instance. This misconfiguration can lead to significant security implications as critical access controls are rendered ineffective.

Affected Version(s)

Junos OS MX Series 0 < 23.2R2-S6

Junos OS MX Series 23.4 < 23.4R2-S7

Junos OS MX Series 24.2 < 24.2R2

References

https://kb.juniper.net/JSA107865

vendor-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2026
Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-33774 Data

JSON