CVE-2025-30644 Junos OS: EX2300, EX3400, EX4000 Series, QFX5k Series: Receipt of a specific DHCP packet causes FPC crash when DHCP Option 82 is enabled

🗓️ 09 Apr 2025 19:52:16Reported by juniperType

CVE-2025-30644 in Junos OS causes FPC crash, leading to Denial of Service and potential remote code execution.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2025-30644	9 Apr 202520:15	–	attackerkb
BDU FSTEC	The vulnerability of the Flexible PIC Concentrator module’s operating system, Juniper Networks Junos OS, allows a hacker to trigger a maintenance failure.	5 May 202500:00	–	bdu_fstec
Circl	CVE-2025-30644	9 Apr 202520:48	–	circl
CNNVD	Juniper Networks Junos OS 安全漏洞	9 Apr 202500:00	–	cnnvd
CVE	CVE-2025-30644	9 Apr 202519:52	–	cve
EUVD	EUVD-2025-10519	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA96453)	29 Apr 202600:00	–	nessus
NVD	CVE-2025-30644	9 Apr 202520:15	–	nvd
Positive Technologies	PT-2025-15852 · Juniper Networks · Junos	9 Apr 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-30644	11 Apr 202520:25	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "EX2300",
      "EX3400",
      "EX4100",
      "EX4300",
      "EX4300MP",
      "EX4400",
      "EX4600",
      "EX4650-48Y",
      "QFX5k Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.4R3-S9",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S5",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3-S5",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2-S3",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "23.4R2-S3",
        "status": "affected",
        "version": "23.4",
        "versionType": "semver"
      },
      {
        "lessThan": "24.2R2",
        "status": "affected",
        "version": "24.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA96453

09 Apr 2025 19:52Current

CVSS 3.17.5

CVSS 47.7

EPSS0.00906

CWE-122

cve-2025-30644 junos os vulnerability fpc crash denial of service remote code execution dhcp option 82 heap-based buffer overflow.