Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Juniper Networks — Vulnerabilities & Security Advisories 893

Browse all 893 CVE security advisories affecting Juniper Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Juniper Networks operates as a global provider of networking hardware, software, and services, primarily focusing on enterprise and service provider infrastructure. With 893 recorded Common Vulnerabilities and Exposures, the company’s attack surface reflects the complexity of its extensive product portfolio. Historically, vulnerabilities in its systems have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls in management interfaces. Notable incidents include critical flaws in ScreenOS and Junos OS that allowed attackers to bypass authentication or execute arbitrary commands, highlighting risks in legacy and core routing platforms. These issues underscore the necessity for rigorous patch management and secure configuration practices. As a foundational element of global internet infrastructure, the security posture of Juniper Networks directly impacts the stability and integrity of connected networks worldwide, necessitating continuous monitoring and proactive defense strategies.

Top products by Juniper Networks: Junos OS Junos OS Evolved Junos Space NorthStar Controller Application Juniper ATP ScreenOS Paragon Active Assurance Contrail Service Orchestration SRC Series MIST Cloud UI Junos Space Security Director Contrail JSI LWC Session Smart Router SBR Carrier Contrail Insights Apstra CTP OS JunosE Paragon Automation (Pathfinder, Planner, Insights) Security Director Policy Enforcer Juniper Security Director Junos OS on SRX Series Services Gateways chassis cluster Junos Paragon Active Assurance (Formerly Netrounds) Juniper Identity Management Service (JIMS) Junos OS with DHCPv6 enabled 128 Technology Session Smart Router CTPView Contrail Cloud
CVE IDTitleCVSSSeverityPublished
CVE-2025-59998 Junos Space: Archive Logs screen is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59997 Junos Space: Fields in the CLI Configlets are vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59996 Junos Space: Configuration View page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59995 Junos Space: Template creation through Definition is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59994 Junos Space: Quick Template page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59993 Junos Space: Space Node Setting fields are vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59992 Junos Space: Secure Console page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59991 Junos Space: Device Management pages are vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59990 Junos Space: Template creation pages are vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59989 Junos Space: Device Discovery page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59988 Junos Space: Generate Report page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59987 Junos Space: The arbitrary device search field is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59986 Junos Space: Input fields in Model Devices are vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59985 Junos Space: Purging Policy field is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59984 Junos Space: Global Search is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59983 Junos Space: Template Definition page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59982 Junos Space: Dashboard Search field is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59981 Junos Space: Device Template Definition page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59980 Junos OS: When a user with the name ftp or anonymous is configured unauthenticated filesystem access is allowed — Junos OSCWE-305 6.5 Medium2025-10-09
CVE-2025-59978 Junos Space: Stored cross-site scripting vulnerability in web application — Junos SpaceCWE-79 9.0 Critical2025-10-09
CVE-2025-59976 Junos Space: Arbitrary file download vulnerability in web interface — Junos SpaceCWE-552 6.5 Medium2025-10-09
CVE-2025-59975 Junos Space: Flooding device with inbound API calls leads to WebUI and CLI management access DoS — Junos SpaceCWE-400 7.5 High2025-10-09
CVE-2025-59974 Junos Space Security Director: Persistent Cross-Site Scripting (XSS) vulnerability — Junos Space Security DirectorCWE-79 8.4 High2025-10-09
CVE-2025-59968 Junos Space Security Director: Insufficient authorization for sensitive resources in web interface — Junos Space Security Director 8.6 High2025-10-09
CVE-2025-59967 Junos OS Evolved: ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509: When specific valid multicast traffic is received on the L3 interface on a vulnerable device evo-pfemand crashes and restarts — Junos OS EvolvedCWE-476 6.5 Medium2025-10-09
CVE-2025-59964 Junos OS: SRX4700: When forwarding-options sampling is enabled any traffic destined to the RE will cause the forwarding line card to crash and restart — Junos OSCWE-908 7.5 High2025-10-09
CVE-2025-59962 Junos OS and Junos OS Evolved: With BGP sharding enabled, change in indirect next-hop can cause RPD crash — Junos OSCWE-824 5.3 Medium2025-10-09
CVE-2025-59958 Junos OS Evolved: PTX Series: When a firewall filter rejects traffic these packets are erroneously sent to the RE — Junos OS EvolvedCWE-754 6.5 Medium2025-10-09
CVE-2025-59957 Junos OS: EX4600 Series and QFX5000 Series: An attacker with physical access can open a persistent backdoor — Junos OSCWE-346 6.8 Medium2025-10-09
CVE-2025-52961 Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart — Junos OS EvolvedCWE-400 6.5 Medium2025-10-09

This page lists every published CVE security advisory associated with Juniper Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.