CVE-2026-57054

MEDIUM

Junos OS: MX Series: Web filtering doesn't block specifically formatted URLs

Title source: cna
STIX 2.1

Description

A Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreachable. If an MX Series device is configured with web filtering, and an attacker sends a request with a specifically formatted URL, this request will get forwarded despite the system being configured to block it. In turn, an attacker can access downstream resources that are expected to be unreachable. This issue affects Junos OS on MX Series: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S8, * 24.2 versions before 24.2R2-S5, * 24.4 versions before 24.4R2-S4, * 25.2 versions before 25.2R2-S1, * 25.4 versions before 25.4R1-S2, 25.4R2.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory
https://supportportal.juniper.net/JSA110093

Scores

CVSS v3 5.8
EPSS 0.0035
EPSS Percentile 26.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-706
Status published
Products (8)
juniper/junos 23.2 (11 CPE variants)
juniper/junos 23.4 (12 CPE variants)
juniper/junos 24.2 (9 CPE variants)
juniper/junos 24.4 (8 CPE variants)
juniper/junos 25.2 (5 CPE variants)
juniper/junos 25.4 (3 CPE variants)
juniper/junos < 23.2
Juniper Networks/Junos OS < 23.2R2-S7
Published Jul 09, 2026
Tracked Since Jul 10, 2026