Critical Juniper Networks PTX Router Vulnerability (CVE-2026-21902)
Summary
Hide ▲
Show ▼
A critical vulnerability (CVE-2026-21902) in Juniper Networks' Junos OS Evolved, affecting PTX Series routers, allows unauthenticated remote code execution with root privileges. The flaw stems from incorrect permission assignment in the 'On-Box Anomaly Detection' framework, which is exposed over an external port by default. Successful exploitation could lead to full router takeover. The issue impacts versions before 25.4R1-S1-EVO and 25.4R2-EVO, with fixes available in newer versions. Juniper Networks has not observed active exploitation as of the advisory's publication.
Timeline
-
26.02.2026 18:42 1 articles · 3h ago
Critical Juniper Networks PTX Router Vulnerability Disclosed
A critical vulnerability (CVE-2026-21902) in Juniper Networks' Junos OS Evolved, affecting PTX Series routers, has been disclosed. The flaw allows unauthenticated remote code execution with root privileges due to incorrect permission assignment in the 'On-Box Anomaly Detection' framework. The issue impacts versions before 25.4R1-S1-EVO and 25.4R2-EVO, with fixes available in newer versions. Juniper Networks has not observed active exploitation as of the advisory's publication.
Show sources
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42
Information Snippets
-
The vulnerability (CVE-2026-21902) is caused by incorrect permission assignment in the 'On-Box Anomaly Detection' framework, allowing external access to an internal service.
First reported: 26.02.2026 18:421 source, 1 articleShow sources
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42
-
The flaw affects Junos OS Evolved versions before 25.4R1-S1-EVO and 25.4R2-EVO on PTX Series routers.
First reported: 26.02.2026 18:421 source, 1 articleShow sources
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42
-
Juniper Networks has released fixes in versions 25.4R1-S1-EVO, 25.4R2-EVO, and 26.2R1-EVO.
First reported: 26.02.2026 18:421 source, 1 articleShow sources
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42
-
Juniper Networks' Security Incident Response Team (SIRT) has not observed malicious exploitation of the vulnerability at the time of the advisory.
First reported: 26.02.2026 18:421 source, 1 articleShow sources
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42
-
As a mitigation, Juniper recommends restricting access to vulnerable endpoints or disabling the 'On-Box Anomaly Detection' service.
First reported: 26.02.2026 18:421 source, 1 articleShow sources
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42