Subj : Ruckus Networks security flaws left unpatched, putting thousands To : All From : TechnologyDaily Date : Fri Jul 11 2025 11:15:06 Ruckus Networks security flaws left unpatched, putting thousands of devices at risk Date: Fri, 11 Jul 2025 10:04:00 +0000 Description: Almost a dozen flaws found in two Ruckus products which could be chained to cause major damage. FULL STORY ======================================================================Security researchers found nine flaws across two Ruckus products The flaws have not yet been patched, so users should beware Users advised to limit access to the wireless management environments Almost a dozen vulnerabilities have been found in two Ruckus Networks products which could be abused to take full control over the network environments they operate in. Ruckus Networks (formerly Ruckus Wireless) is a networking gear manufacturer, whose products include Virtual Smart Zone (vSZ) and Ruckus Network Director (RND). VSZ is a virtualized network controller that manages Ruckus access points and switches. It is usually used by medium to large enterprises for centralized control, scalability, and advanced Wi-Fi management features. RND, on the other hand, is a centralized network management platform used for deployment, monitoring, and maintenance of large-scale Ruckus wired and wireless networks. Meaningful disruption At press time, the vulnerabilities remain unpatched, putting countless businesses at risk. According to Noam Moshe from Clarotys research arm Team82, these two carried nine vulnerabilities: CVE-2025-44957 hardcoded secrets in vSZ that allow bypassing authentication and admin-level access using crafted HTTP headers and valid API keys CVE-2025-44962 path traversal in vSZ that allows arbitrary file reads for authenticated users CVE-2025-44954 vSZ has hardcoded default public/private SSH keys that allows anyone to connect to vulnerable devices with root access CVE-2025-44960 vSZ has an API route with a user-controlled parameter that isn't sanitized, allowing execution of arbitrary operating system commands CVE-2025-44961 command injection in vSZ allows an authenticated user to supply an unsanitized IP address to an OS command CVE-2025-44963 RND uses a hardcoded backend JWT secret key, allowing anyone with it to forge valid admin session tokens CVE-2025-44955 RND includes a "jailed" environment with a built-in jailbreak using a weak, hardcoded password to gain root access CVE-2025-6243 RND includes a root-privileged user (sshuser) with hardcoded public/private SSH keys that allow root access CVE-2025-44958 RND encrypts stored passwords with a hardcoded weak secret key and can return them in plaintext if compromised Moshe reported his findings to Carnegie Mellon Universitys CERT Coordination Center (CERT/CC), who confirmed that the flaws can be abused to cause meaningful disruption to businesses. Impact of these vulnerabilities vary from information leakage to total compromise of the wireless environment managed by the affected products. As an example, an attacker with network access to Ruckus Wireless vSZ can exploit CVE-2025-44954 to gain full administrator access that will lead to total compromise of the vSZ wireless management environment, the organization explained. Furthermore, multiple vulnerabilities can be chained to create chained attacks that can allow the attacker to combine attacks to bypass any security controls that prevent only specific attacks. Severity scores have not yet been assigned, and Ruckus has not yet come forward with a patch. Therefore, to mitigate the risk, CERT/CC advises network admins to limit access to the wireless management environments using the affected products, allowing a limited set of trusted users and their authenticated clients to manage Ruckus infrastructure through a secure protocol. Via BleepingComputer You might also like Sony, JBL and Bose headphones all affected by major Bluetooth security flaw which could let hackers spy on you via microphone Take a look at our guide to the best authenticator app We've rounded up the best password managers ====================================================================== Link to news story: https://www.techradar.com/pro/security/ruckus-networks-security-flaws-left-unp atched-putting-thousands-of-devices-at-risk --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .