CVE-2026-57031
Awaiting Analysis
Awaiting Analysis - Queue
Firewall Filter Bypass in Juniper Junos OS on MX Series
Vulnerability report for CVE-2026-57031, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-09
Last updated on: 2026-07-10
Assigner: Juniper Networks, Inc.
Description
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters.
On MX Series devices withΒ MPC10/11, LC4800/9600, and MX304 withΒ subscribers configured on static interfaces, ingress firewall filters are not enforced, so that neither protocol level nor upstream bandwidth limitation are in effect.Β
This issue affects Junos OS on MX withΒ MPC10/11, LC4800/9600/4802, and MX304:
* 23.2 versions from 23.2R2-S1 before 23.2R2-S7,
* 23.4 versions from 23.4R2 before 23.4R2-S7,
* 24.2 versions before 24.2R2-S3,
* 24.4 versions before 24.4R2-S2,
* 25.2 versions before 25.2R2.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper_networks | junos_os | From 23.2R2-S1 (inc) to 23.2R2-S7 (exc) |
| juniper_networks | junos_os | From 23.4R2 (inc) to 23.4R2-S7 (exc) |
| juniper_networks | junos_os | to 24.2R2-S3 (exc) |
| juniper_networks | junos_os | to 24.4R2-S2 (exc) |
| juniper_networks | junos_os | to 25.2R2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |