Cybersecurity

Cyber: Critical Juniper Networks Ptx Flaw Allows Full Router Takeover

2026-02-26 0 views admin
Cyber: Critical Juniper Networks Ptx Flaw Allows Full Router Takeover

A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could allow an unauthenticated attacker to execute code remotely with root privileges.

PTX Series routers are high-performance core and peering routers built for high throughput, low latency, and scale. They are commonly used by internet service providers, telecommunication services, and cloud network applications.

The security issue is identified as CVE-2026-21902 and is caused by incorrect permission assignment in the ‘On-Box Anomaly Detection’ framework, which should be exposed to internal processes only over the internal routing interface.

However, the glitch allows accessing the framework over an externally exposed port, Juniper Networks explains in a security advisory.

Because the service runs as root and is enabled by default, successful exploitation would allow an attacker who is already on the network to take full control of the device without authentication.

The issue affects Junos OS Evolved versions before 25.4R1-S1-EVO and 25.4R2-EVO, on PTX Series routers. Older versions may also be impacted, but the vendor does not assess releases that have reached the end-of-engineering or end-of-life (EoL) phase.

Versions before 25.4R1-EVO, and standard (non-Evolved) Junos OS versions are not impacted by CVE-2026-21902. Juniper Networks has delivered fixes in versions 25.4R1-S1-EVO, 25.4R2-EVO, and 26.2R1-EVO of the product.

Juniper's Security Incident Response Team (SIRT) states that it was not aware of malicious exploitation of the vulnerability at the time of publishing the security bulletin.

If immediate patching is not possible, the vendor's recommendation is to restrict access to the vulnerable endpoints to trusted networks only using firewall filters or Access Control Lists (ACLs). Alternatively, administrators may disable the vulnerable service entirely using:

Juniper Networks products are typically an attractive target for advanced hackers as the network equipment is used by service providers requiring high bandwidth, such as cloud data centers and large enterprises.

Source: BleepingComputer

🏷️ Tags

securityhackvulnerabilitycveattack

More from Cybersecurity

Cyber: Aeternum C2 Botnet Stores Encrypted Commands On Polygon Blockchain...

Cyber: Aeternum C2 Botnet Stores Encrypted Commands On Polygon Blockchain...

2026-02-26 0
Cyber: Trend Micro Warns Of Critical Apex One Code Execution Flaws 2026

Cyber: Trend Micro Warns Of Critical Apex One Code Execution Flaws 2026

2026-02-26 0
Cyber: European Dyi Chain Manomano Data Breach Impacts 38 Million Customers

Cyber: European Dyi Chain Manomano Data Breach Impacts 38 Million Customers

2026-02-26 0
Cyber: Olympique Marseille Confirms 'attempted' Cyberattack After Data Leak

Cyber: Olympique Marseille Confirms 'attempted' Cyberattack After Data Leak

2026-02-26 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views