Detections
Analytics

CVE-2025-44955

No Score

Description

Hardcoded Secrets (CWE-259: Use of Hard-coded Password). RND includes a jailed environment to allow users to configure devices without complete shell access to the underlying operating system. The jailed environment includes a built-in jailbreak for technicians to elevate privileges. The jailbreak requires a weak password that is hardcoded into the environment. Anyone with this password can access an RND server with root permissions.

References

https://www.helpnetsecurity.com/2025/07/10/ruckus-network-management-solutions-riddled-with-unpatched-vulnerabilities/

https://www.securityweek.com/unpatched-ruckus-vulnerabilities-allow-wireless-environment-hacking/

https://www.bleepingcomputer.com/news/security/ruckus-networks-leaves-severe-flaws-unpatched-in-management-devices/

https://kb.cert.org/vuls/id/613753

Details

Source: Mitre, NVD

Published: 2025-07-10