anonhaven
Ad

CVE-2026-21916

HIGH CVSS 4.0: 7.0 EPSS 0.01%
Updated Apr 17, 2026
Juniper
Parameter Value
CVSS 7.0 (HIGH)
Affected Versions before 23.2
Fixed In 23.2
Type CWE-61 (UNIX Symlink Following)
Vendor Juniper
Public PoC No

A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file link ...' CLI operation, another user commits (unrelated configuration changes), the first user can login as root. This issue affects Junos OS: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S3, * 24.4 versions before 24.4R2-S2, * 25.2 versions before 25.2R2.

This issue does not affect versions 25.4R1 or later.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
Passive
Minimal interaction

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-61 UNIX Symlink Following

Vulnerable Products 39

Configuration From (including) Up to (excluding)
Juniper Junos
cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
 23.2
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r2-s3:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r2-s4:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r2-s5:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.2:r2-s6:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r2-s4:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:23.4:r2-s5:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r2-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:25.2:r1-s1:*:*:*:*:*:*
Juniper Junos
cpe:2.3:o:juniper:junos:25.2:r1-s2:*:*:*:*:*:*

References 1

https://kb.juniper.net/JSA107807
sirt@juniper.net
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-33797

Juniper

7.1

CVE-2026-33793

Juniper

8.5

CVE-2026-33791

Juniper

8.4

CVE-2026-33790

Juniper

8.7

CVE-2026-33787

Juniper

6.8