Critical Juniper Networks PTX flaw allows full router takeover
Summary: A critical vulnerability (CVE-2026-21902) in Junos OS Evolved on Juniper Networks PTX Series routers allows an unauthenticated attacker to execute code remotely through an externally exposed port and gain root privileges. The flaw is caused by incorrect permission assignment in the "On-Box Anomaly Detection" framework. Affected versions are those before 25.4R1-S1-EVO and 25.4R2-EVO; fixes have been released.

2026-2-26 16:46:54 Author: www.bleepingcomputer.com


A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could allow an unauthenticated attacker to execute code remotely with root privileges.

PTX Series routers are high-performance core and peering routers built for high throughput, low latency, and scale. They are commonly used by internet service providers, telecommunication services, and cloud network applications.

The security issue is identified as CVE-2026-21902 and is caused by incorrect permission assignment in the ‘On-Box Anomaly Detection’ framework, which should be exposed to internal processes only over the internal routing interface.


However, the glitch allows accessing the framework over an externally exposed port, Juniper Networks explains in a security advisory.

Because the service runs as root and is enabled by default, successful exploitation would allow an attacker who is already on the network to take full control of the device without authentication.

The issue affects Junos OS Evolved versions before 25.4R1-S1-EVO and 25.4R2-EVO, on PTX Series routers. Older versions may also be impacted, but the vendor does not assess releases that have reached the end-of-engineering or end-of-life (EoL) phase.

Versions before 25.4R1-EVO, and standard (non-Evolved) Junos OS versions are not impacted by CVE-2026-21902. Juniper Networks has delivered fixes in versions 25.4R1-S1-EVO, 25.4R2-EVO, and 26.2R1-EVO of the product.
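For fleet triage, the version ranges quoted above can be encoded as a small classifier. This is an added example, not code from Juniper or the original article; the inventory rows are constructed, the optional build suffix in the version pattern is an assumption, and releases later than a listed fix are assumed to carry it, while release trains the article does not mention are reported as unknown.

```python
import re

# Junos OS Evolved release string: <major>.<minor>R<release>[-S<service>]-EVO.
# Assumption: an optional ".<build>" number may follow the R or S component.
_EVO = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.\d+)?(?:-S(\d+)(?:\.\d+)?)?-EVO$")

def parse_evo(version):
    """Return (major, minor, release, service) or None if the string does not parse."""
    m = _EVO.match(version.strip().upper())
    if not m:
        return None
    major, minor, release, service = m.groups()
    return int(major), int(minor), int(release), int(service or 0)

def triage(model, version):
    """Classify one device against the version ranges quoted in the article."""
    if not model.strip().upper().startswith("PTX"):
        return "not-affected"      # the article lists PTX Series routers only
    if not version.strip().upper().endswith("-EVO"):
        return "not-affected"      # standard (non-Evolved) Junos OS
    v = parse_evo(version)
    if v is None:
        return "unknown"           # Evolved, but in a format this sketch does not parse
    if v < (25, 4, 1, 0):
        return "not-affected"      # before 25.4R1-EVO
    if v[:2] == (25, 4):
        # 25.4 train: fixed from 25.4R1-S1-EVO, which also covers 25.4R2-EVO
        return "fixed" if v >= (25, 4, 1, 1) else "affected"
    if v >= (26, 2, 1, 0):
        return "fixed"             # 26.2R1-EVO; later releases assumed fixed
    return "unknown"               # release trains the article does not mention

def needs_action(inventory):
    """Return hostnames that are affected or could not be classified."""
    return [host for host, model, version in inventory
            if triage(model, version) in ("affected", "unknown")]

# Constructed inventory rows (hostname, model, version) for illustration only.
SAMPLE_INVENTORY = [
    ("core-1", "PTX10008", "25.4R1-EVO"),
    ("core-2", "PTX10008", "25.4R1-S1-EVO"),
    ("core-3", "PTX10004", "24.4R2-S1-EVO"),
    ("peer-1", "PTX10001-36MR", "26.1R1-EVO"),
    ("edge-1", "MX960", "24.2R1.17"),
]

if __name__ == "__main__":
    for host, model, version in SAMPLE_INVENTORY:
        print(f"{host:8} {model:14} {version:16} {triage(model, version)}")
```

Hosts reported as unknown should be checked against the vendor advisory rather than treated as safe.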

Juniper's Security Incident Response Team (SIRT) states that it was not aware of malicious exploitation of the vulnerability at the time of publishing the security bulletin.

If immediate patching is not possible, the vendor's recommendation is to restrict access to the vulnerable endpoints to trusted networks only using firewall filters or Access Control Lists (ACLs). Alternatively, administrators may disable the vulnerable service entirely using:

'request pfe anomalies disable'

Juniper Networks products are typically an attractive target for advanced hackers as the network equipment is used by service providers requiring high bandwidth, such as cloud data centers and large enterprises.

In March 2025, it was revealed that Chinese cyber-espionage actors were deploying custom backdoors on EoL Junos OS MX routers to drop a set of ‘TinyShell’ backdoor variants.

In January 2025, a malware campaign dubbed ‘J-magic’ targeted Juniper VPN gateways used in the semiconductor, energy, manufacturing, and IT sectors, deploying network-sniffing malware that activated upon receiving a “magic packet.”

In December 2024, Juniper Networks Smart routers became targets of Mirai botnet campaigns, getting enlisted in distributed denial of service (DDoS) swarms.



Article source: https://www.bleepingcomputer.com/news/security/critical-juniper-networks-ptx-flaw-allows-full-router-takeover/