CVE-2025-21591

🗓️ 09 Apr 2025 19:46:55Reported by juniperType

Malicious DHCP packets can crash jdhcpd in Junos OS, causing Denial of Service vulnerabilities.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-21591	9 Apr 202519:59	–	circl
CNNVD	Juniper Networks Junos OS 安全漏洞	9 Apr 202500:00	–	cnnvd
Cvelist	CVE-2025-21591 Junos OS: An unauthenticated adjacent attacker sending a malformed DHCP packet causes jdhcpd to crash	9 Apr 202519:46	–	cvelist
EUVD	EUVD-2025-10536	3 Oct 202520:07	–	euvd
NVD	CVE-2025-21591	9 Apr 202520:15	–	nvd
Positive Technologies	PT-2025-15844 · Juniper Networks · Junos	9 Apr 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-21591	11 Apr 202520:31	–	redhatcve
Vulnrichment	CVE-2025-21591 Junos OS: An unauthenticated adjacent attacker sending a malformed DHCP packet causes jdhcpd to crash	9 Apr 202519:46	–	vulnrichment

NVD

Vulners

Node

juniper junosMatch23.1r1

juniper junosMatch23.2-

juniper junosMatch23.2r1

juniper junosMatch23.2r1-s1

juniper junosMatch23.2r1-s2

juniper junosMatch23.2r2

juniper junosMatch23.2r2-s1

juniper junosMatch23.2r2-s2

juniper junosMatch23.4-

juniper junosMatch23.4r1

juniper junosMatch23.4r1-s1

juniper junosMatch23.4r1-s2

juniper junosMatch23.4r2

juniper junosMatch23.4r2-s1

juniper junosMatch23.4r2-s2

juniper junosMatch24.2-

juniper junosMatch24.2r1

juniper junosMatch24.2r1-s1

juniper junosMatch24.2r1-s2

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "dhcp"
    ],
    "packageName": "jdhcpd",
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "23.2R2-S3",
        "status": "affected",
        "version": "23.1",
        "versionType": "semver"
      },
      {
        "lessThan": "23.4R2-S3",
        "status": "affected",
        "version": "23.4",
        "versionType": "semver"
      },
      {
        "lessThan": "24.2R2",
        "status": "affected",
        "version": "24.2",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "23.1R1",
        "status": "unaffected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA96448

26 Jan 2026 19:36Current

7.5High risk

Vulners AI Score7.5

CVSS 47.1

CVSS 3.17.4

EPSS0.00073

SSVC

CWE-805

junos os security denial of service dhcp snooping vulnerability jdhcpd daemon unauthenticated attacker