Platform
juniper
Component
junos-space
Fixed in
24.1R4
CVE-2025-59978 describes a Cross-Site Scripting (XSS) vulnerability within Juniper Networks Junos Space. This vulnerability allows an attacker to inject malicious scripts into web pages, potentially leading to unauthorized command execution with administrative privileges. The vulnerability affects all versions of Junos Space prior to 24.1R4. A fix is available in version 24.1R4.
The impact of this XSS vulnerability is significant. A successful attacker can inject arbitrary JavaScript code into web pages viewed by other Junos Space users, including administrators. This allows the attacker to steal session cookies, hijack user accounts, and ultimately execute commands with the privileges of the compromised user. Given Junos Space's role in network management, a successful exploitation could lead to widespread network disruption or data breaches. The ability to execute commands with administrative privileges significantly expands the attacker's blast radius, potentially impacting the entire managed network.
CVE-2025-59978 was publicly disclosed on 2025-10-09. The vulnerability's CRITICAL CVSS score indicates a high probability of exploitation. No public proof-of-concept (PoC) code has been released at the time of writing, but the ease of XSS exploitation suggests that a PoC is likely to emerge. It is not currently listed on CISA KEV.
Organizations heavily reliant on Juniper Junos Space for network management are at significant risk. This includes large enterprises, service providers, and government agencies. Specifically, deployments with older, unpatched versions of Junos Space (prior to 24.1R4) are particularly vulnerable. Shared hosting environments where multiple tenants share a Junos Space instance also face increased risk.
• juniper / server:
  grep -r "<script" /opt/junos-space/conf/config.xml
• juniper / web:
  curl -I https://<junos-space-ip>/ | grep Content-Security-Policy
• generic web:
  curl -I https://<junos-space-ip>/ | grep X-XSS-Protection
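The two curl checks above only grep for the header names; as an added example (not code from the page or from Juniper), the following script parses a `curl -I` response and reports whether a Content-Security-Policy is present and whether it actually restricts inline scripts, which is what matters for a stored XSS. The header sample is constructed, not captured from a real Junos Space host.

```python
"""Assess the XSS-related response headers from `curl -I https://<junos-space-ip>/`.
Added example for this page; not Juniper's code. Sample input is constructed."""

# Constructed sample of a `curl -I` response (not from a real Junos Space host).
SAMPLE_HEADERS = """HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-XSS-Protection: 0
"""


def parse_headers(raw):
    """Map lowercased header names to values, skipping the HTTP status line."""
    headers = {}
    for line in raw.splitlines()[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def csp_allows_inline_script(csp):
    """True if script-src (or the default-src fallback) permits inline scripts.
    A nonce or hash source makes browsers ignore 'unsafe-inline', so it is
    treated as restrictive in that case."""
    directives = {}
    for part in csp.split(";"):
        tokens = part.strip().split()
        if tokens:
            directives[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    sources = directives.get("script-src", directives.get("default-src", []))
    if not sources:
        return True  # no script restriction at all
    strict = any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-"))
                 for s in sources)
    return "'unsafe-inline'" in sources and not strict


def assess(raw):
    """Return findings for the CSP and X-XSS-Protection headers."""
    headers = parse_headers(raw)
    findings = {}
    csp = headers.get("content-security-policy")
    if csp is None:
        findings["csp"] = "missing"
    elif csp_allows_inline_script(csp):
        findings["csp"] = "present but allows inline scripts"
    else:
        findings["csp"] = "present and restricts inline scripts"
    findings["x_xss_protection"] = headers.get("x-xss-protection", "missing")
    return findings
```

Pipe the real `curl -I` output into `assess()` to get the same report for a live host; a result of "missing" or "present but allows inline scripts" means the CSP offers no defence against this class of bug.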
Exploit Status
EPSS
0.06% (19th percentile)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2025-59978 is to upgrade Junos Space to version 24.1R4 or later. If immediate upgrade is not possible, consider implementing strict input validation and output encoding on all user-supplied data within Junos Space. Web Application Firewalls (WAFs) configured to detect and block XSS payloads can provide an additional layer of defense. Regularly review Junos Space configurations for any unusual or unauthorized modifications.
Update Junos Space to version 24.1R4 or later. This update corrects the stored cross-site scripting vulnerability that allows an attacker to execute commands with the administrative privileges of the targeted user. Refer to the Juniper Networks security bulletin JSA103140 for more details and update instructions.
CVE-2025-59978 is a critical XSS vulnerability in Juniper Junos Space allowing attackers to inject malicious scripts and potentially gain administrative access.
If you are running any version of Junos Space prior to 24.1R4, you are affected by this vulnerability. Upgrade to 24.1R4 or later to mitigate the risk.
The recommended fix is to upgrade to Junos Space version 24.1R4 or later. Implement input validation and WAF rules as temporary mitigations.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of future attacks.
Please refer to the Juniper Security Advisories page for the official advisory regarding CVE-2025-59978: [https://www.juniper.net/us/en/support/security/advisories/]