PT-2025-15856 · Juniper Networks · Junos, Junos Evolved

Published: 2025-04-09 · Updated: 2025-04-11 · CVE-2025-30648

CVSS v3.1: 7.4 High
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Junos OS versions prior to 21.2R3-S9
Junos OS versions from 21.4 through 21.4R3-S10
Junos OS versions from 22.2 through 22.2R3-S6
Junos OS versions from 22.4 through 22.4R3-S6
Junos OS versions from 23.2 through 23.2R2-S3
Junos OS versions from 23.4 through 23.4R2-S4
Junos OS versions from 24.2 through 24.2R2
Junos OS Evolved versions from 22.4 through 22.4R3-S6-EVO
Junos OS Evolved versions from 23.2 through 23.2R2-S3-EVO
Junos OS Evolved versions from 23.4 through 23.4R2-S4-EVO
Junos OS Evolved versions from 24.2 through 24.2R2-EVO
Description: An Improper Input Validation issue in the Juniper DHCP Daemon (jdhcpd) allows an unauthenticated, adjacent attacker to cause the jdhcpd process to crash, resulting in a Denial of Service (DoS). When a specifically malformed DHCP packet is received from a DHCP client, the jdhcpd process crashes, leading to the unavailability of the DHCP service and a sustained DoS. The DHCP process will restart automatically to recover the service. This issue occurs when dhcp-security is enabled.
Recommendations:
For Junos OS versions prior to 21.2R3-S9, update to version 21.2R3-S9 or later.
For Junos OS versions from 21.4 through 21.4R3-S10, update to version 21.4R3-S10 or later.
For Junos OS versions from 22.2 through 22.2R3-S6, update to version 22.2R3-S6 or later.
For Junos OS versions from 22.4 through 22.4R3-S6, update to version 22.4R3-S6 or later.
For Junos OS versions from 23.2 through 23.2R2-S3, update to version 23.2R2-S3 or later.
For Junos OS versions from 23.4 through 23.4R2-S4, update to version 23.4R2-S4 or later.
For Junos OS versions from 24.2 through 24.2R2, update to version 24.2R2 or later.
For Junos OS Evolved versions from 22.4 through 22.4R3-S6-EVO, update to version 22.4R3-S6-EVO or later.
For Junos OS Evolved versions from 23.2 through 23.2R2-S3-EVO, update to version 23.2R2-S3-EVO or later.
For Junos OS Evolved versions from 23.4 through 23.4R2-S4-EVO, update to version 23.4R2-S4-EVO or later.
For Junos OS Evolved versions from 24.2 through 24.2R2-EVO, update to version 24.2R2-EVO or later.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

BDU:2025-05196
CVE-2025-30648

Affected Products

Junos
Junos Evolved