CVE-2025-52987— Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-52987
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed
Source: NVD (National Vulnerability Database)
Vulnerability Description
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker's control. This issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
不当限制渲染UI层或帧
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Networks Paragon Automation 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Networks Paragon Automation是美国瞻博网络(Juniper Networks)公司的一款自动化运维平台。 Juniper Networks Paragon Automation 24.1.1之前版本存在安全漏洞,该漏洞源于Web门户未设置适当的X-Frame-Options和X-Content-Type HTTP标头,可能导致点击劫持攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Juniper Networks | Paragon Automation (Pathfinder, Planner, Insights) | 0 ~ 24.1.1 | - |
II. Public POCs for CVE-2025-52987
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-52987
请登录查看更多情报信息。
Same Patch Batch · Juniper Networks · 2026-01-15 · 23 CVEs total
| CVE-2026-21920 | 7.5 HIGH | Junos OS: SRX Series: If a specific request is processed by the DNS subsystem flowd will c |
| CVE-2025-60003 | 7.5 HIGH | Junos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd cra |
| CVE-2026-21918 | 7.5 HIGH | Junos OS: SRX and MX Series: When TCP packets occur in a specific sequence flowd crashes |
| CVE-2026-21917 | 7.5 HIGH | Junos OS: SRX Series: Specifically malformed SSL packet causes FPC crash |
| CVE-2026-21914 | 7.5 HIGH | Junos OS: SRX Series: A specifically malformed GTP message will cause an FPC crash |
| CVE-2026-21913 | 7.5 HIGH | Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and res |
| CVE-2026-21905 | 7.5 HIGH | Junos OS: SRX Series, MX Series with MX-SPC3 or MS-MPC: Receipt of multiple specific SIP m |
| CVE-2026-21906 | 7.5 HIGH | Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICM |
| CVE-2025-59960 | 7.4 HIGH | Junos OS and Junos OS Evolved: DHCP Option 82 messages from clients being passed unmodifie |
| CVE-2026-21908 | 7.1 HIGH | Junos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemo |
| CVE-2026-21909 | 6.5 MEDIUM | Junos OS and Junos OS Evolved: Receipt of specific IS-IS update packet causes memory leak |
| CVE-2026-21910 | 6.5 MEDIUM | Junos OS: EX4k Series, QFX5k Series: In an EVPN-VXLAN configuration link flaps cause Inter |
| CVE-2026-21911 | 6.5 MEDIUM | Junos OS Evolved: Flapping management interface causes MAC learning on label-switched inte |
| CVE-2026-21903 | 6.5 MEDIUM | Junos OS: Subscribing to telemetry sensors at scale causes all FPCs to crash |
| CVE-2026-0203 | 6.5 MEDIUM | Junos OS: Receipt of a specifically malformed ICMP packet causes an FPC restart |
| CVE-2026-21921 | 6.5 MEDIUM | Junos OS and Junos OS Evolved: When telemetry collectors are frequently subscribing and un |
| CVE-2026-21907 | 5.9 MEDIUM | Junos Space: TLS/SSL server supports use of static key ciphers (ssl-static-key-ciphers) |
| CVE-2025-60011 | 5.8 MEDIUM | Junos OS and Junos OS Evolved: Optional transitive BGP attribute is modified before propag |
| CVE-2025-59959 | 5.5 MEDIUM | Junos OS and Junos OS Evolved: Executing a specific show command leads to an rpd crash |
| CVE-2026-21912 | 5.5 MEDIUM | Junos OS: MX10k Series: 'show system firmware' CLI command may lead to LC480 or LC2101 lin |
Showing top 20 of 23 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: Juniper Networks
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33784
JSI Virtual Lightweight Collector: Default password is not r
Same weakness: CWE-1021
- CVE-2026-3254
Improper Restriction of Rendered UI Layers or Frames in GitL - CVE-2026-2378
Address bar spoofing risk in ArcSearch on Android - CVE-2025-62328
HCL Nomad server on Domino is affected by a missing default - CVE-2025-58405
Lack of protection mechanisms against Clickjacking attacks - CVE-2026-27511
Tenda F3 Clickjacking in Web Management Interface
V. Comments for CVE-2025-52987
No comments yet