Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-59962— Junos OS and Junos OS Evolved: With BGP sharding enabled, change in indirect next-hop can cause RPD crash

CVSS 5.3 · Medium EPSS 0.02% · P6
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-59962

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Junos OS and Junos OS Evolved: With BGP sharding enabled, change in indirect next-hop can cause RPD crash
Source: NVD (National Vulnerability Database)
Vulnerability Description
An Access of Uninitialized Pointer vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved with BGP sharding configured allows an attacker triggering indirect next-hop updates, along with timing outside the attacker's control, to cause rpd to crash and restart, leading to a Denial of Service (DoS). With BGP sharding enabled, triggering route resolution of an indirect next-hop (e.g., an IGP route change over which a BGP route gets resolved), may cause rpd to crash and restart. An attacker causing continuous IGP route churn, resulting in repeated route re-resolution, will increase the likelihood of triggering this issue, leading to a potentially extended DoS condition. This issue affects: Junos OS: * all versions before 21.4R3-S6,  * from 22.1 before 22.1R3-S6,  * from 22.2 before 22.2R3-S3,  * from 22.3 before 22.3R3-S3,  * from 22.4 before 22.4R3,  * from 23.2 before 23.2R2;  Junos OS Evolved:  * all versions before 22.3R3-S3-EVO,  * from 22.4 before 22.4R3-EVO,  * from 23.2 before 23.2R2-EVO. Versions before Junos OS 21.3R1 and Junos OS Evolved 21.3R1-EVO are unaffected by this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用未经初始化的指针
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Networks Junos OS和Juniper Networks Junos OS Evolved都是美国瞻博网络(Juniper Networks)公司的产品。Juniper Networks Junos OS是一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。Juniper Networks Junos OS Evolved是Junos OS 的升级版系统。 Juniper Networks Junos OS和Juniper Network
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Juniper NetworksJunos OS 21.4 ~ 21.4R3-S6 -
Juniper NetworksJunos OS Evolved 22.3 ~ 22.3R3-S3-EVO -

II. Public POCs for CVE-2025-59962

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-59962

登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2025-10-09 · 40 CVEs total

CVE-2025-599789.0 CRITICALJunos Space: Stored cross-site scripting vulnerability in web application
CVE-2025-599688.6 HIGHJunos Space Security Director: Insufficient authorization for sensitive resources in web i
CVE-2025-599748.4 HIGHJunos Space Security Director: Persistent Cross-Site Scripting (XSS) vulnerability
CVE-2025-599757.5 HIGHJunos Space: Flooding device with inbound API calls leads to WebUI and CLI management acce
CVE-2025-600047.5 HIGHJunos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash
CVE-2025-599647.5 HIGHJunos OS: SRX4700: When forwarding-options sampling is enabled any traffic destined to the
CVE-2025-111987.4 HIGHSecurity Director Policy Enforcer: An unrestricted API allows a network-based unauthentica
CVE-2025-599576.8 MEDIUMJunos OS: EX4600 Series and QFX5000 Series: An attacker with physical access can open a pe
CVE-2025-599676.5 MEDIUMJunos OS Evolved: ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509: When spe
CVE-2025-599586.5 MEDIUMJunos OS Evolved: PTX Series: When a firewall filter rejects traffic these packets are err
CVE-2025-529616.5 MEDIUMJunos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending
CVE-2025-599766.5 MEDIUMJunos Space: Arbitrary file download vulnerability in web interface
CVE-2025-599806.5 MEDIUMJunos OS: When a user with the name ftp or anonymous is configured unauthenticated filesys
CVE-2025-599876.1 MEDIUMJunos Space: The arbitrary device search field is vulnerable to reflected cross-site scrip
CVE-2025-599816.1 MEDIUMJunos Space: Device Template Definition page is vulnerable to reflected cross-site script
CVE-2025-599826.1 MEDIUMJunos Space: Dashboard Search field is vulnerable to reflected cross-site script injection
CVE-2025-599836.1 MEDIUMJunos Space: Template Definition page is vulnerable to reflected cross-site script injecti
CVE-2025-599846.1 MEDIUMJunos Space: Global Search is vulnerable to reflected cross-site script injection
CVE-2025-599856.1 MEDIUMJunos Space: Purging Policy field is vulnerable to reflected cross-site script injection
CVE-2025-599866.1 MEDIUMJunos Space: Input fields in Model Devices are vulnerable to reflected cross-site script i

Showing top 20 of 40 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Junos OS
Same vendor: Juniper Networks
Same weakness: CWE-824

V. Comments for CVE-2025-59962

No comments yet

Leave a comment