high
7.4
CWE
20
Advisory Published
Updated

CVE-2025-30648: Junos OS and Junos OS Evolved: Receipt of a specifically malformed DHCP packet causes jdhcpd process to crash

First published: Wed Apr 09 2025(Updated: )

An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause the jdhcpd process to crash resulting in a Denial of Service (DoS). When a specifically malformed DHCP packet is received from a DHCP client, the jdhcpd process crashes, which will lead to the unavailability of the DHCP service and thereby resulting in a sustained DoS. The DHCP process will restart automatically to recover the service. This issue will occur when dhcp-security is enabled.  This issue affects Junos OS:  * All versions before 21.2R3-S9,  * from 21.4 before 21.4R3-S10,  * from 22.2 before 22.2R3-S6,  * from 22.4 before 22.4R3-S6,  * from 23.2 before 23.2R2-S3,  * from 23.4 before 23.4R2-S4,  * from 24.2 before 24.2R2;  Junos OS Evolved:  * from 22.4 before 22.4R3-S6-EVO,  * from 23.2 before 23.2R2-S3-EVO,  * from 23.4 before 23.4R2-S4-EVO,  * from 24.2 before 24.2R2-EVO. .

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Juniper JUNOS<21.2R3-S9>=undefined>=undefined>=undefined>=undefined>=undefined>=undefined
Juniper Networks Junos OS>=undefined>=undefined>=undefined>=undefined

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS Evolved: 22.4R3-S6-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, and all subsequent releases. Junos: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2025-30648?

    CVE-2025-30648 is classified as a high severity vulnerability that can lead to a Denial of Service due to an improper input validation in the Juniper DHCP Daemon.

  • How do I fix CVE-2025-30648?

    To fix CVE-2025-30648, update your Junos OS or Junos OS Evolved to the latest patched version provided by Juniper Networks.

  • Who is affected by CVE-2025-30648?

    CVE-2025-30648 affects users of Junos OS and Junos OS Evolved versions prior to 21.2R3-S9.

  • What type of attack does CVE-2025-30648 enable?

    CVE-2025-30648 enables an unauthenticated adjacent attacker to crash the jdhcpd process, resulting in a Denial of Service.

  • When was CVE-2025-30648 reported?

    CVE-2025-30648 was reported in 2025 and is included in Juniper Networks security advisories.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203