# Critical Juniper PTX Router RCE Vulnerability Patches Released

Juniper Networks has issued an emergency patch for a critical remote code execution (RCE) vulnerability in its PTX Series routers that impacts multiple versions of Junos OS Evolved. The patch aims to protect network infrastructure from exploitation by unauthenticated attackers.

According to the advisory published by the vendor, the vulnerability, tracked as CVE-2026-21902 (CVSS score of 9.3), lies within the On-Box Anomaly Detection framework of Junos OS Evolved on PTX Series routers. This critical flaw allows an unauthenticated network-based attacker to execute code as root due to incorrect permissions assigned to the service, which is enabled by default. A remote attacker can take complete control of the device using this vulnerability.

The affected versions include 25.4R1-S1-EVO and 25.4R2-EVO, but not earlier releases or standard Junos OS. Juniper discovered the vulnerability during internal product security testing or research, and its Security Incident Response Team (SIRT) reports no active exploitation of this flaw in the wild.

To mitigate the risk associated with this critical RCE vulnerability, customers are advised to apply the patch promptly. As a workaround, the vendor recommends limiting access to the vulnerable service with ACLs or firewall filters so that only trusted hosts can reach it, or disabling the service entirely with `request pfe anomalies disable`.

Users must ensure they have applied the latest security update for Junos OS Evolved on PTX routers. The patch is essential to preventing unauthorized code execution on these devices, which can have severe consequences for network security.

The underlying issue is that the service is enabled by default and should be accessible only to internal processes over an internal routing instance, but incorrect permissions also make it accessible externally, allowing full device takeover. Correctly implemented access controls, such as limiting access to the service with ACLs or firewall filters, are necessary to mitigate this risk.

As with any critical vulnerability, it's vital for network administrators and security teams to stay informed about patches and updates to ensure their systems are protected from potential exploitation.
