CVE-2026-33771
Weak Password Enforcement in Juniper CTP OS Enables Device Takeover

Publication date: 2026-04-09

Last updated on: 2026-04-09

Assigner: Juniper Networks, Inc.

Description
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the administrator to set password complexity requirements, but these settings are not saved. The issue can be verified with the menu option "Show password requirements". Failure to enforce the intended requirements can lead to weak passwords being used, which significantly increases the likelihood that an attacker can guess these and subsequently attain unauthorized access. This issue affects CTP OS versions 9.2R1 and 9.2R2.
Meta Information
Published: 2026-04-09
Last Modified: 2026-04-09
Generated: 2026-05-07
AI Q&A: 2026-04-10
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor | Product | Version / Range
juniper_networks | ctp_os | to 9.2r1 (inc)
juniper_networks | ctp_os | to 9.2r2 (inc)
CWE ID | Description
CWE-521 | The product does not require that users should have strong passwords.
AI Powered Q&A
How can this vulnerability impact me?

The vulnerability can lead to unauthorized access to the affected device by allowing attackers to guess weak passwords. This can potentially result in the attacker taking full control of the device, which may compromise the security and operation of the network infrastructure relying on the device.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The vulnerability can be detected by checking the password complexity requirements settings on the affected Juniper Networks CTP OS devices. Specifically, the issue can be verified using the menu option "Show password requirements" to see if the intended password complexity settings are actually enforced.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, administrators should ensure that strong password complexity requirements are properly configured and enforced on the device. Since the password management menu settings are not saved on affected versions, it is important to verify and reapply these settings as needed to prevent weak passwords from being used.


Can you explain this vulnerability to me?

This vulnerability is a Weak Password Requirements issue in the password management function of Juniper Networks CTP OS. It allows an unauthenticated, network-based attacker to exploit weak passwords of local accounts because the system does not save the password complexity settings set by the administrator. As a result, weak passwords can be used, increasing the chance that an attacker can guess them and gain unauthorized access to the device.

