NuytsTech Security

CVE-2025-59980

by ·

An Authentication Bypass by Primary Weakness

in the FTP server of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to get limited read-write access to files on the device.
When the FTP server is enabled and a user named “ftp” or “anonymous” is configured, that user can login without providing the configured password and then has read-write access to their home directory.

This issue affects Junos OS: 

* all versions before 22.4R3-S8,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2.

More information : https://supportportal.juniper.net/JSA103167

Tags: