Authentication Bypass Vulnerability in Juniper Networks Junos OS FTP Server
CVE-2025-59980

6.9MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Junos Os
Vendor: CVE Published:; 9 October 2025

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-59980?

An authentication bypass vulnerability exists in the FTP server of Juniper Networks' Junos OS, allowing unauthenticated attackers to gain limited read-write access to files. When the FTP server is enabled, users configured as 'ftp' or 'anonymous' can log in without a password and access their home directory, posing a significant security risk. This issue affects multiple versions of Junos OS, necessitating immediate attention from affected users.

Affected Version(s)

Junos OS 0 < 22.4R3-S8

Junos OS 23.2 < 23.2R2-S3

Junos OS 23.4 < 23.4R2

References

https://supportportal.juniper.net/JSA103167

vendor-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 9, 2025
Vulnerability published
Oct 9, 2025
Vulnerability Reserved
Sep 23, 2025

JSON