CVE-2026-57054
Undergoing Analysis Undergoing Analysis - In Progress

URL Filtering Bypass in Juniper Networks Junos OS MX Series

Vulnerability report for CVE-2026-57054, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: Juniper Networks, Inc.

Description

A Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreachable. If an MX Series device is configured with web filtering, and an attacker sends a request with a specifically formatted URL, this request will get forwarded despite the system being configured to block it. In turn, an attacker can access downstream resources that are expected to be unreachable. This issue affectsΒ Junos OS on MX Series: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S8, * 24.2 versions before 24.2R2-S5, * 24.4 versions before 24.4R2-S4, * 25.2 versions before 25.2R2-S1, * 25.4 versions before 25.4R1-S2, 25.4R2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 6 associated CPEs
Vendor Product Version / Range
juniper_networks junos_os to 23.2R2-S7 (exc)
juniper_networks junos_os to 23.4R2-S8 (exc)
juniper_networks junos_os to 24.2R2-S5 (exc)
juniper_networks junos_os to 24.4R2-S4 (exc)
juniper_networks junos_os to 25.2R2-S1 (exc)
juniper_networks junos_os to 25.4R1-S2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-706 The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a Use of Incorrectly-Resolved Name or Reference issue in the URL filtering plugin of Juniper Networks Junos OS on MX Series devices.

It allows an unauthenticated, network-based attacker to bypass web filtering by sending a specially formatted URL request.

Despite the system being configured to block certain URLs, the attacker’s request is forwarded, enabling access to downstream resources that should be unreachable.

Compliance Impact

This vulnerability allows an unauthenticated attacker to bypass web filtering on Juniper Networks Junos OS MX Series devices, potentially accessing downstream resources that should be unreachable.

Such unauthorized access could lead to exposure of sensitive or protected data, which may impact compliance with regulations like GDPR or HIPAA that require strict access controls and protection of personal or health information.

However, the provided information does not explicitly describe the direct impact on compliance frameworks or specific regulatory requirements.

Impact Analysis

The vulnerability can impact you by allowing unauthorized access to network resources that are supposed to be blocked by web filtering.

An attacker can bypass security controls without authentication, potentially exposing sensitive or restricted internal resources.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57054. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart