Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Vulnerabilidades

Con el objetivo de informar, advertir y ayudar a los profesionales sobre las ultimas vulnerabilidades de seguridad en sistemas tecnológicos, ponemos a disposición de los usuarios interesados en esta información una base de datos con información en castellano sobre cada una de las ultimas vulnerabilidades documentadas y conocidas.

Este repositorio con más de 75.000 registros esta basado en la información de NVD (National Vulnerability Database) – en función de un acuerdo de colaboración – por el cual desde INCIBE realizamos la traducción al castellano de la información incluida. En ocasiones este listado mostrará vulnerabilidades que aún no han sido traducidas debido a que se recogen en el transcurso del tiempo en el que el equipo de INCIBE realiza el proceso de traducción.

Se emplea el estándar de nomenclatura de vulnerabilidades CVE (Common Vulnerabilities and Exposures), con el fin de facilitar el intercambio de información entre diferentes bases de datos y herramientas. Cada una de las vulnerabilidades recogidas enlaza a diversas fuentes de información así como a parches disponibles o soluciones aportadas por los fabricantes y desarrolladores. Es posible realizar búsquedas avanzadas teniendo la opción de seleccionar diferentes criterios como el tipo de vulnerabilidad, fabricante, tipo de impacto entre otros, con el fin de acortar los resultados.

Mediante suscripción RSS o Boletines podemos estar informados diariamente de las ultimas vulnerabilidades incorporadas al repositorio.

CVE-2025-52988

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** An Improper Neutralization of Special Elements used in an OS Command (&amp;#39;OS Command Injection&amp;#39;) vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a high privileged, local attacker to escalated their privileges to root.<br /> <br /> When a user provides specifically crafted arguments to the &amp;#39;request system logout&amp;#39; command, these will be executed as root on the shell, which can completely compromise the device.<br /> This issue affects:<br /> <br /> Junos OS: <br /> <br /> <br /> <br /> * all versions before 21.2R3-S9,<br /> * 21.4 versions before 21.4R3-S8,<br /> * 22.2 versions before 22.2R3-S6,<br /> * 22.3 versions before 22.3R3-S3,<br /> * 22.4 versions before 22.4R3-S6,<br /> * 23.2 versions before 23.2R2-S1,<br /> * 23.4 versions before 23.4R1-S2, 23.4R2;<br /> <br /> <br /> <br /> <br /> Junos OS Evolved:<br /> <br /> <br /> <br /> * all versions before 22.4R3-S6-EVO,<br /> * 23.2-EVO versions before 23.2R2-S1-EVO,<br /> * 23.4-EVO versions before 23.4R1-S2-EVO, 23.4R2-EVO.
Gravedad CVSS v4.0: ALTA
Última modificación:
11/07/2025

CVE-2025-52989

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to modify the system configuration.<br /> <br /> <br /> <br /> A user with limited configuration and commit permissions, using a specifically crafted annotate configuration command, can change any part of the device configuration.<br /> <br /> <br /> <br /> <br /> This issue affects:<br /> <br />  Junos OS: <br /> <br /> <br /> <br /> * all versions before 22.2R3-S7,<br /> * 22.4 versions before 22.4R3-S7,<br /> * 23.2 versions before 23.2R2-S4,<br /> * 23.4 versions before 23.4R2-S4,<br /> * 24.2 versions before 24.2R2-S1,<br /> * 24.4 versions before 24.4R1-S2, 24.4R2;<br /> <br /> <br /> <br /> <br /> Junos OS Evolved:<br /> <br /> <br /> <br /> * all versions before 22.4R3-S7-EVO,<br /> * 23.2-EVO versions before 23.2R2-S4-EVO,<br /> * 23.4-EVO versions before 23.4R2-S5-EVO, <br /> * 24.2-EVO versions before 24.2R2-S1-EVO<br /> <br /> <br /> <br /> * 24.4-EVO versions before 24.4R2-EVO.
Gravedad CVSS v4.0: MEDIA
Última modificación:
11/07/2025

CVE-2025-6549

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** An Incorrect Authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to reach the <br /> <br /> Juniper Web Device Manager<br /> <br /> (J-Web).<br /> <br /> When Juniper Secure connect (JSC) is enabled on specific interfaces, or multiple interfaces are configured for J-Web, the J-Web UI is reachable over more than the intended interfaces.<br /> This issue affects Junos OS:<br /> <br /> <br /> <br /> * all versions before 21.4R3-S9,<br /> * 22.2 versions before 22.2R3-S5,<br /> * 22.4 versions before 22.4R3-S5,<br /> * 23.2 versions before 23.2R2-S3,<br /> * 23.4 versions before 23.4R2-S5,<br /> * 24.2 versions before 24.2R2.
Gravedad CVSS v4.0: MEDIA
Última modificación:
11/07/2025

CVE-2025-7026

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values (e.g., &amp;#39;$DB$&amp;#39; or &amp;#39;2DB$&amp;#39;), the function performs arbitrary writes to System Management RAM (SMRAM), leading to potential privilege escalation to System Management Mode (SMM) and persistent firmware compromise.
Gravedad CVSS v3.1: ALTA
Última modificación:
11/07/2025

CVE-2025-52981

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on <br /> <br /> <br /> <br /> <br /> <br /> <br /> <br /> <br /> SRX1600, SRX2300, SRX 4000 Series, and SRX5000 Series with SPC3<br /> <br /> <br /> <br /> allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br /> <br /> If a sequence of specific PIM packets is received, this will cause a flowd crash and restart.<br /> <br /> <br /> This issue affects Junos OS:<br /> <br /> <br /> <br /> * all versions before 21.2R3-S9,<br /> * 21.4 versions before 21.4R3-S11,<br /> * 22.2 versions before 22.2R3-S7,<br /> * 22.4 versions before 22.4R3-S6,<br /> * 23.2 versions before 23.2R2-S4,<br /> * 23.4 versions before 23.4R2-S4,<br /> * 24.2 versions before 24.2R2.<br /> <br /> <br /> <br /> <br /> <br /> <br /> <br /> This is a similar, but different vulnerability than the issue reported as<br /> <br /> CVE-2024-47503, published in JSA88133.
Gravedad CVSS v4.0: ALTA
Última modificación:
11/07/2025

CVE-2025-52982

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br /> <br /> When an MX Series device with an MS-MPC is configured with two or more service sets which are both processing SIP calls, a specific sequence of call events will lead to a crash and restart of the MS-MPC.<br /> This issue affects Junos OS:<br /> <br /> <br /> <br /> * all versions before 21.2R3-S9,<br /> * 21.4 versions from 21.4R1,<br /> * 22.2 versions before 22.2R3-S6,<br /> * 22.4 versions before 22.4R3-S6.<br /> <br /> <br /> <br /> <br /> As the MS-MPC is EoL after Junos OS 22.4, later versions are not affected.<br /> <br /> This issue does not affect MX-SPC3 or SRX Series devices.
Gravedad CVSS v4.0: ALTA
Última modificación:
11/07/2025

CVE-2025-52983

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** A UI Discrepancy for Security Feature<br /> <br /> vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device.<br /> <br /> <br /> <br /> On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users which are in possession of the corresponding private key can still log in as root.<br /> This issue affects Junos OS:<br /> <br /> <br /> <br /> * all versions before 22.2R3-S7,<br /> * 22.4 versions before 22.4R3-S5,<br /> * 23.2 versions before 23.2R2-S3,<br /> * 23.4 versions before 23.4R2-S3,<br /> * 24.2 versions before 24.2R1-S2, 24.2R2.
Gravedad CVSS v4.0: ALTA
Última modificación:
11/07/2025

CVE-2025-52984

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.<br /> <br /> When static route points to a reject next hop and a gNMI query is processed for that static route, rpd crashes and restarts.<br /> <br /> This issue affects:<br /> <br /> Junos OS:  * all versions before 21.2R3-S9,<br /> * 21.4 versions before 21.4R3-S10, <br /> * 22.2 versions before 22.2R3-S6,<br /> * 22.4 versions before 22.4R3-S6,<br /> * 23.2 versions before 23.2R2-S3,<br /> * 23.4 versions before 23.4R2-S4,<br /> * 24.2 versions before 24.2R1-S2, 24.2R2;<br /> <br /> <br /> Junos OS Evolved:<br /> <br /> <br /> <br /> * all versions before 22.4R3-S7-EVO,<br /> * 23.2-EVO <br /> <br /> versions before 23.2R2-S3-EVO,<br /> * 23.4-EVO versions before 23.4R2-S4-EVO,<br /> * 24.2-EVO versions before 24.2R2-EVO.
Gravedad CVSS v4.0: ALTA
Última modificación:
11/07/2025

CVE-2025-52985

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** A Use of Incorrect Operator<br /> <br /> vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions.<br /> <br /> When a firewall filter which is applied to the lo0 or re:mgmt interface references a prefix list with &amp;#39;from prefix-list&amp;#39;, and that prefix list contains more than 10 entries, the prefix list doesn&amp;#39;t match and packets destined to or from the local device are not filtered.<br /> <br /> <br /> This issue affects firewall filters applied to the re:mgmt interfaces as input and output, but only affects firewall filters applied to the lo0 interface as output.<br /> This issue is applicable to IPv4 and IPv6 as a prefix list can contain IPv4 and IPv6 prefixes.<br /> This issue affects Junos OS Evolved:<br /> <br /> * 23.2R2-S3-EVO versions before 23.2R2-S4-EVO,<br /> * 23.4R2-S3-EVO versions before 23.4R2-S5-EVO,<br /> * 24.2R2-EVO versions before 24.2R2-S1-EVO,<br /> * 24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.<br /> <br /> <br /> This issue doesn&amp;#39;t not affect Junos OS Evolved versions before 23.2R1-EVO.
Gravedad CVSS v4.0: MEDIA
Última modificación:
11/07/2025

CVE-2025-52980

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** A Use of Incorrect Byte Ordering <br /> <br /> vulnerability <br /> <br /> in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br /> <br /> <br /> <br /> When a BGP update is received over an established BGP session which contains a specific, valid, optional, transitive path attribute, rpd will crash and restart.<br /> <br /> This issue affects eBGP and iBGP over IPv4 and IPv6.<br /> <br /> <br /> <br /> This issue affects:<br /> <br /> Junos OS:<br /> <br /> <br /> <br /> * 22.1 versions from 22.1R1 before 22.2R3-S4,<br /> * 22.3 versions before 22.3R3-S3,<br /> * 22.4 versions before 22.4R3-S2,<br /> * 23.2 versions before 23.2R2,<br /> * 23.4 versions before 23.4R2.
Gravedad CVSS v4.0: ALTA
Última modificación:
11/07/2025

CVE-2025-52994

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** gif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS Command Injection via a crafted parameter value. This is fixed in 1.7.23-202506081709.
Gravedad CVSS v3.1: MEDIA
Última modificación:
11/07/2025

CVE-2025-52953

Fecha de publicación:
11/07/2025
Idioma:
Inglés
*** Pendiente de traducción *** An Expected Behavior Violation vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a valid BGP UPDATE packet to cause a BGP session reset, resulting in a Denial of Service (DoS). <br /> <br /> Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.<br /> <br /> This issue affects iBGP and eBGP and both IPv4 and IPv6 are affected by this vulnerability.<br /> <br /> This issue affects Junos OS:<br /> <br /> <br /> * All versions before 21.2R3-S9,<br /> * from 21.4 before 21.4R3-S11,<br /> * from 22.2 before 22.2R3-S7,<br /> * from 22.4 before 22.4R3-S7,<br /> * from 23.2 before 23.2R2-S4,<br /> * from 23.4 before 23.4R2-S4,<br /> * from 24.2 before 24.2R2,<br /> * from 24.4 before 24.4R1-S3, 24.4R2<br /> <br /> <br /> Junos OS Evolved:<br /> <br /> <br /> <br /> * All versions before 22.2R3-S7-EVO,<br /> * from 22.4-EVO before 22.4R3-S7-EVO,<br /> * from 23.2-EVO before 23.2R2-S4-EVO,<br /> * from 23.4-EVO before 23.4R2-S4-EVO,<br /> * from 24.2-EVO before 24.2R2-EVO,<br /> * from 24.4-EVO before 24.4R1-S3-EVO, 24.4R2-EVO.
Gravedad CVSS v4.0: ALTA
Última modificación:
11/07/2025