PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-57054 Juniper Networks CVE debrief

CVE-2026-57054 is a Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series. This vulnerability allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreachable. The vulnerability exists due to improper resolution of names or references in the URL filtering plugin, which could lead to unauthorized access to sensitive resources. Administrators should review the configuration of web filtering on MX Series devices and ensure that the latest patches are applied to mitigate this vulnerability.

Vendor
Juniper Networks
Product
Junos OS
CVSS
MEDIUM 6.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-09
Original CVE updated
2026-07-10
Advisory published
2026-07-09
Advisory updated
2026-07-10

Who should care

Administrators and security teams responsible for Juniper Networks Junos OS on MX Series devices, especially those with web filtering configured, should be aware of this vulnerability and take necessary actions to mitigate the risk.

Technical summary

The vulnerability exists in the URL filtering plugin of Juniper Networks Junos OS on MX Series devices. An attacker can bypass web filtering by sending a specifically formatted URL request, which will be forwarded despite being configured to be blocked. This allows access to downstream resources expected to be unreachable. Affected versions include all versions before 23.2R2-S7, 23.4 versions before 23.4R2-S8, 24.2 versions before 24.2R2-S5, 24.4 versions before 24.4R2-S4, 25.2 versions before 25.2R2-S1, and 25.4 versions before 25.4R1-S2, 25.4R2.

Defensive priority

Medium priority due to the CVSS score of 6.9 and the potential impact of bypassing web filtering.

Recommended defensive actions

  • Inventory and assess Juniper Networks Junos OS on MX Series devices for web filtering configuration.
  • Check for and apply patches or updates to affected versions.
  • Monitor network traffic for suspicious URL requests.
  • Implement compensating controls, such as additional logging and monitoring.
  • Review and update incident response plans to address potential exploitation.
  • Conduct vulnerability scanning to identify exposed systems.
  • Verify patch deployment and validate configuration changes.

Evidence notes

The CVE record was published on 2026-07-09T22:17:09.180Z and was last modified on 2026-07-10T15:16:46.717Z. The NVD entry is currently in the 'Received' status. Limited details are available about the specific attack vector and downstream resource access.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T22:17:09.180Z and has not been modified since then. The NVD entry is currently Received.