What is CVE-2026-33776?

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information. A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensitive information. This issue affects Junos OS: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S1, * 25.2 version before 25.2R1-S2, 25.2R2; Junos OS Evolved: * all versions before 23.2R2-S6-EVO, * 23.4 version before 23.4R2-S6-EVO, * 24.2 version before 24.2R2-S4-EVO, * 24.4 versions before 24.4R2-S1-EVO, * 25.2 versions before 25.2R2-EVO.

What is the severity of CVE-2026-33776?

CVE-2026-33776 has a CVSS v3 score of 5.5, which is classified as Medium severity.

Is there an exploit available for CVE-2026-33776?

No known public exploits are currently available for CVE-2026-33776.

Is there a patch available for CVE-2026-33776?

Yes, patches are available for CVE-2026-33776. Check the vendor advisories for update instructions.

CVE-2026-33776 - CVE Details, Severity, and Analysis

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

CVE-2026-33776 - CVE Details, Severity, and Analysis | Strobes VI

Severity Scores

CVSS v35.5

CVSS v20.0

Priority Score190.0

EPSS Score0.0

Medium

Exploitation LikelihoodMinimal

0.00%EPSS

Very low probability of exploitation

Monitor and patch as resources allow

0.00%

EPSS

5.5

CVSS

Exploit

Yes

Patch

Low Priority

no major risk factors

EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.

Description

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information.

A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensitive information.

This issue affects

Junos OS:

all versions before 22.4R3-S8,
23.2 versions before 23.2R2-S6,
23.4 versions before 23.4R2-S6,
24.2 versions before 24.2R2-S4,
24.4 versions before 24.4R2-S1,
25.2 version before 25.2R1-S2, 25.2R2;

Junos OS Evolved:

all versions before 23.2R2-S6-EVO,
23.4 version before 23.4R2-S6-EVO,
24.2 version before 24.2R2-S4-EVO,
24.4 versions before 24.4R2-S1-EVO,
25.2 versions before 25.2R2-EVO.

CVSS v3 Breakdown

Attack Vector:Local

Attack Complexity:Local

Privileges Required:Local

User Interaction:Network

Scope:Unchanged

Confidentiality:High

Integrity:Network

Availability:Network

Patch References

[email protected]

Trend Analysis

Neutral

Vulnerable Products

Vendor	Product
Juniper	Junos Os Evolved
Juniper