High severity7.3NVD Advisory· Published Apr 9, 2026· Updated Apr 17, 2026
CVE-2026-21916
CVE-2026-21916
Description
A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system.
When after a user has performed a specific 'file link ...' CLI operation, another user commits (unrelated configuration changes), the first user can login as root.
This issue affects Junos OS: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S3, * 24.4 versions before 24.4R2-S2, * 25.2 versions before 25.2R2.
This issue does not affect versions 25.4R1 or later.
Affected products
40cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*+ 39 more
- cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*range: <23.2
- cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r2-s3:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r2-s4:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r2-s5:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.2:r2-s6:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r2-s4:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:23.4:r2-s5:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:24.4:r2-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:25.2:r1-s1:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:25.2:r1-s2:*:*:*:*:*:*
- (no CPE)range: all versions before 23.2R2-S7, 23.4 before 23.4R2-S6, 24.2 before 24.2R2-S3, 24.4 before 24.4R2-S2, 25.2 before 25.2R2
Patches
Vulnerability mechanics
References
1- kb.juniper.net/JSA107807nvdMitigationVendor Advisory
News mentions
0No linked articles in our index yet.