PatchSiren cyber security CVE debrief
CVE-2026-57054 Juniper Networks CVE debrief
CVE-2026-57054 is a Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series. This vulnerability allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreachable. The vulnerability exists due to improper resolution of names or references in the URL filtering plugin, which could lead to unauthorized access to sensitive resources. Administrators should review the configuration of web filtering on MX Series devices and ensure that the latest patches are applied to mitigate this vulnerability.
- Vendor
- Juniper Networks
- Product
- Junos OS
- CVSS
- MEDIUM 6.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-09
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-09
- Advisory updated
- 2026-07-10
Who should care
Administrators and security teams responsible for Juniper Networks Junos OS on MX Series devices, especially those with web filtering configured, should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability exists in the URL filtering plugin of Juniper Networks Junos OS on MX Series devices. An attacker can bypass web filtering by sending a specifically formatted URL request, which will be forwarded despite being configured to be blocked. This allows access to downstream resources expected to be unreachable. Affected versions include all versions before 23.2R2-S7, 23.4 versions before 23.4R2-S8, 24.2 versions before 24.2R2-S5, 24.4 versions before 24.4R2-S4, 25.2 versions before 25.2R2-S1, and 25.4 versions before 25.4R1-S2, 25.4R2.
Defensive priority
Medium priority due to the CVSS score of 6.9 and the potential impact of bypassing web filtering.
Recommended defensive actions
- Inventory and assess Juniper Networks Junos OS on MX Series devices for web filtering configuration.
- Check for and apply patches or updates to affected versions.
- Monitor network traffic for suspicious URL requests.
- Implement compensating controls, such as additional logging and monitoring.
- Review and update incident response plans to address potential exploitation.
- Conduct vulnerability scanning to identify exposed systems.
- Verify patch deployment and validate configuration changes.
Evidence notes
The CVE record was published on 2026-07-09T22:17:09.180Z and was last modified on 2026-07-10T15:16:46.717Z. The NVD entry is currently in the 'Received' status. Limited details are available about the specific attack vector and downstream resource access.
Official resources
-
CVE-2026-57054 CVE record
CVE.org
-
CVE-2026-57054 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T22:17:09.180Z and has not been modified since then. The NVD entry is currently Received.