Improper Neutralization Vulnerability in Juniper Networks Junos OS and Evolved Products
CVE-2025-52989
6.8 MEDIUM
Key Information:
- Vendor: Juniper Networks
- CVE Published: 11 July 2025
Badges
👾 Exploit Exists
What is CVE-2025-52989?
An improper neutralization of delimiters vulnerability exists in the UI of Juniper Networks' Junos OS and Junos OS Evolved, allowing a local attacker with elevated privileges to manipulate the system configuration. Through a specifically crafted command, a user with limited permissions can alter critical parts of the device configuration, which may lead to unauthorized changes in network settings and potential security breaches.
Affected Version(s)
Junos OS 0 < 22.2R3-S7
Junos OS 22.4 < 22.4R3-S7
Junos OS 23.2 < 23.2R2-S4
CVSS V4
- Score: 6.8
- Severity: MEDIUM
- Confidentiality: None
- Integrity: High
- Availability: Low
- Attack Vector: Local
- Attack Complexity: Low
- Attack Required: None
- Privileges Required: Undefined
- User Interaction: None
Timeline
- 👾 Exploit known to exist
- Vulnerability published
- Vulnerability Reserved
Credit
Vincent Szurma (vszurma) – Independent IT and Security Consultant