{"uuid": "61ccda41-f47a-4a32-94c2-14c2accd2b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21601", "type": "seen", "source": "https://t.me/cvedetector/22605", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21601 - Juniper Networks Junos OS SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2025-21601 \nPublished : April 9, 2025, 8:15 p.m. | 24\u00a0minutes ago \nDescription : An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of\u00a0Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an\u00a0unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive.   \n  \nContinuous receipt of these packets will create a sustained Denial of Service (DoS) condition.  \n  \n  \n  \n  \nThis issue affects Junos OS:\u00a0  \n  \n  \n  \n  *  All versions before 21.4R3-S9,  \n  *  from 22.2 before 22.2R3-S5,  \n  *  from 22.4 before 22.4R3-S4,  \n  *  from 23.2 before 23.2R2-S3,  \n  *  from 23.4 before 23.4R2-S3,  \n  *  from 24.2 before 24.2R1-S1, 24.2R2.  \n  \n  \nAn indicator of compromise is to review the CPU % of the httpd process in the CLI:  \ne.g.  \n\u00a0\u00a0show system processes extensive | match httpd\u00a0 PID nobody \u00a0 \u00a0 \u00a0 52  \u00a0 0  \u00a0 20M\u00a0 \u00a0 191M select \u00a0 2 \u00a0 0:01 \u00a0 80.00% httpd{httpd} <<\nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T23:28:22.000000Z"}