CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2025-30652 – Junos OS and Junos OS Evolved: Executing a specific CLI command when asregex-optimized is configured causes an rpd crash
https://notcve.org/view.php?id=CVE-2025-30652
09 Apr 2025 — An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service (DoS). When asregex-optimized is configured and a specific "show route as-path" CLI command is executed, the rpd crashes and restarts. Repeated execution of this command will cause a sustained DoS condition. This issue affects Junos OS: * All versions before 21.2R3-S9, * fro... • https://supportportal.juniper.net/JSA96462 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.4EPSS: 0%CPEs: 11EXPL: 0CVE-2025-30648 – Junos OS and Junos OS Evolved: Receipt of a specifically malformed DHCP packet causes jdhcpd process to crash
https://notcve.org/view.php?id=CVE-2025-30648
09 Apr 2025 — An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause the jdhcpd process to crash resulting in a Denial of Service (DoS). When a specifically malformed DHCP packet is received from a DHCP client, the jdhcpd process crashes, which will lead to the unavailability of the DHCP service and thereby resulting in a sustained DoS. The DHCP process will restart automatically to recover the ... • https://supportportal.juniper.net/JSA96458 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2025-30646 – Junos OS and Junos OS Evolved: Receipt of a malformed LLDP TLV results in l2cpd crash
https://notcve.org/view.php?id=CVE-2025-30646
09 Apr 2025 — A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to cause the l2cpd process to crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. When an LLDP telemetry subscription is active, receipt of a specifica... • https://supportportal.juniper.net/JSA96456 • CWE-195: Signed to Unsigned Conversion Error •
CVSS: 8.2EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21598 – Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash
https://notcve.org/view.php?id=CVE-2025-21598
09 Jan 2025 — An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects: Junos OS: * from 21.2R3-S8 before 21.2R3-S9, * from 21.4R3-S7 before 21.4R3-S9, * from 22.2R3-S4 before 22.2R3-S5, * from 22.3R3-S2 before 22.3R3-S4, * from 22.4R3 before 22.4R3-S5, * from 23.2R2 before 23.2R2-S2, *... • https://supportportal.juniper.net/JSA92867 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21600 – Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2025-21600
09 Jan 2025 — An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems configured in either of two ways: * systems with BGP traceoptions enabled * ... • https://supportportal.juniper.net/JSA92870 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21602 – Junos OS and Junos OS Evolved: Receipt of specially crafted BGP update packet causes RPD crash
https://notcve.org/view.php?id=CVE-2025-21602
09 Jan 2025 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a specific BGP update packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability. This is... • https://supportportal.juniper.net/JSA92872 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21599 – Junos OS Evolved: Receipt of specifically malformed IPv6 packets causes kernel memory exhaustion leading to Denial of Service
https://notcve.org/view.php?id=CVE-2025-21599
09 Jan 2025 — A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver (jtd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service. Receipt of specifically malformed IPv6 packets, destined to the device, causes kernel memory to not be freed, resulting in memory exhaustion leading to a system crash and Denial of Service (DoS). Continuous receipt and processing of these packets will continue to exhaust kernel memory, creating ... • https://supportportal.juniper.net/JSA92869 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-47489 – Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE
https://notcve.org/view.php?id=CVE-2024-47489
11 Oct 2024 — An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices. Receipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. This influx of... • https://supportportal.juniper.net • CWE-755: Improper Handling of Exceptional Conditions •