CVSS: 6.8EPSS: %CPEs: 12EXPL: 0CVE-2025-30655 – Junos OS and Junos OS Evolved: A specific CLI command will cause an RPD crash when rib-sharding and update-threading is enabled
https://notcve.org/view.php?id=CVE-2025-30655
09 Apr 2025 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific "show bgp neighbor" CLI command is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition. The device is only affected if BGP RIB sharding and update-threading is enabled. Th... • https://supportportal.juniper.net/JSA96465 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.8EPSS: %CPEs: 10EXPL: 0CVE-2025-30654 – Junos OS and Junos OS Evolved: A local, low privileged user can access sensitive information
https://notcve.org/view.php?id=CVE-2025-30654
09 Apr 2025 — An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated attacker with access to the CLI to access sensitive information. Through the execution of a specific show mgd command, a user with limited permissions (e.g., a low-privileged login class user) can access sensitive information such as hashed passwords, that can be used to further impact the system. This issue aff... • https://supportportal.juniper.net/JSA96464 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: %CPEs: 8EXPL: 0CVE-2025-30653 – Junos OS and Junos OS Evolved: LSP flap in a specific MPLS scenario leads to rpd crash
https://notcve.org/view.php?id=CVE-2025-30653
09 Apr 2025 — An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS).On all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-class, and an LSP flaps, rpd crashes and restarts. Continuous flapping of LSP can cause a sustained Denial of Service (DoS) condition. This issue affects: Junos OS: ... • https://supportportal.juniper.net/JSA96463 • CWE-825: Expired Pointer Dereference •
CVSS: 6.8EPSS: %CPEs: 14EXPL: 0CVE-2025-30652 – Junos OS and Junos OS Evolved: Executing a specific CLI command when asregex-optimized is configured causes an rpd crash
https://notcve.org/view.php?id=CVE-2025-30652
09 Apr 2025 — An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service (DoS). When asregex-optimized is configured and a specific "show route as-path" CLI command is executed, the rpd crashes and restarts. Repeated execution of this command will cause a sustained DoS condition. This issue affects Junos OS: * All versions before 21.2R3-S9, * fro... • https://supportportal.juniper.net/JSA96462 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: %CPEs: 12EXPL: 0CVE-2025-30651 – Junos OS and Junos OS Evolved: Receipt of a specific ICMPv6 packet causes a memory overrun leading to an rpd crash
https://notcve.org/view.php?id=CVE-2025-30651
09 Apr 2025 — A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When an attacker sends a specific ICMPv6 packet to an interface with "protocols router-advertisement" configured, rpd crashes and restarts. Continued receipt of this packet will cause a sustained DoS condition. This issue only affects systems configured with IPv6. This issue affec... • https://supportportal.juniper.net/JSA96461 • CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 7.1EPSS: %CPEs: 13EXPL: 0CVE-2025-30646 – Junos OS and Junos OS Evolved: Receipt of a malformed LLDP TLV results in l2cpd crash
https://notcve.org/view.php?id=CVE-2025-30646
09 Apr 2025 — A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to cause the l2cpd process to crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. When an LLDP telemetry subscription is active, receipt of a specifica... • https://supportportal.juniper.net/JSA96456 • CWE-195: Signed to Unsigned Conversion Error •
CVSS: 6.0EPSS: %CPEs: 15EXPL: 0CVE-2025-21597 – Junos OS and Junos OS Evolved: When BGP rib-sharding and update-threading are configured and a peer flaps, an rpd core is observed
https://notcve.org/view.php?id=CVE-2025-21597
09 Apr 2025 — An Improper Check for Unusual or Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when BGP rib-sharding and update-threading are configured, and a BGP peer flap is done with specific timing, rpd crashes and restarts. Continuous peer flapping at specific time intervals will result in a sustained Denial o... • https://kb.juniper.net/JSA96451 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: %CPEs: 11EXPL: 0CVE-2025-21595 – Junos OS and Junos OS Evolved: In an EVPN-VXLAN scenario specific ARP or NDP packets cause FPC to crash
https://notcve.org/view.php?id=CVE-2025-21595
09 Apr 2025 — A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause an FPC to crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in an EVPN-VXLAN scenario, when specific ARP packets are received on an IPv4 network, or specific NDP packets are received on an IPv6 network, kernel heap memory leaks, which eventually leads to an FPC ... • https://supportportal.juniper.net/JSA96450 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.2EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21598 – Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash
https://notcve.org/view.php?id=CVE-2025-21598
09 Jan 2025 — An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects: Junos OS: * from 21.2R3-S8 before 21.2R3-S9, * from 21.4R3-S7 before 21.4R3-S9, * from 22.2R3-S4 before 22.2R3-S5, * from 22.3R3-S2 before 22.3R3-S4, * from 22.4R3 before 22.4R3-S5, * from 23.2R2 before 23.2R2-S2, *... • https://supportportal.juniper.net/JSA92867 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21600 – Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2025-21600
09 Jan 2025 — An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems configured in either of two ways: * systems with BGP traceoptions enabled * ... • https://supportportal.juniper.net/JSA92870 • CWE-125: Out-of-bounds Read •