#VU116933 OS Command Injection in Junos OS Evolved - CVE-2025-60006

 

Published: October 13, 2025


Vulnerability identifier: #VU116933
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-60006
CWE-ID: CWE-78
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software: Junos OS Evolved
Software vendor: Juniper Networks, Inc.

Description

The vulnerability allows a local user to read and manipulate data.

Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands.

When an attacker executes crafted CLI commands, the options are processed via a script in some cases.


Remediation

Install updates from the vendor's website.
