Ethical Hacking News
Ruckus Networks has been left exposed due to unpatched severe security vulnerabilities in its management devices, including Ruckus Wireless Virtual SmartZone (vSZ) and Ruckus Network Director (RND). These flaws could be exploited by malicious actors to gain full administrator access to the affected products, leading to a total compromise of the wireless environment they serve.
Ruckus Networks' management devices, vSZ and RND, have severe security vulnerabilities that can be exploited by malicious actors. The vulnerabilities include authenticated remote code execution, hardcoded passwords or SSH public and private keys, allowing attackers to gain full administrator access. The severity of the vulnerabilities is high, with multiple flaws chaining together to create more impactful attacks. Administrators are advised to limit access to Ruckus management interfaces and enforce secure protocols to mitigate risks. Ruckus Networks has not responded to the security issues, prompting organizations to take proactive steps to address the vulnerabilities.
Ruckus Networks, a leading provider of wireless networking solutions, has been left exposed to severe security vulnerabilities in its management devices. A recent report by Carnegie Mellon University's CERT Coordination Center (CERT/CC) revealed that multiple critical flaws were left unpatched in Ruckus Wireless Virtual SmartZone (vSZ) and Ruckus Network Director (RND), leaving them susceptible to exploitation by malicious actors.
The vulnerabilities, which have been assigned CVE numbers, range from authenticated remote code execution to hardcoded passwords or SSH public and private keys. These issues could be exploited to gain full administrator access to the affected products, leading to a total compromise of the wireless environment they serve.
Ruckus vSZ is a centralized wireless network controller that can manage tens of thousands of Ruckus access points and clients, allowing configuration, monitoring, and controlling large-scale WiFi deployments. RND, on the other hand, is a management tool for vSZ clusters, providing administrators with essential tools to monitor and manage their wireless networks.
The severity of these vulnerabilities cannot be overstated. According to CERT/CC, multiple vulnerabilities can be chained to create more impactful attacks, allowing attackers to bypass security controls that prevent specific attacks. The impact of these vulnerabilities varies from information leakage to total compromise of the wireless environment managed by the affected products.
For instance, an attacker with network access to Ruckus Wireless vSZ can exploit CVE-2025-44954 to gain full administrator access that will lead to a total compromise of the vSZ wireless management environment. Furthermore, the CERT/CC report highlights that hardcoded secrets in vSZ allow bypassing authentication and admin-level access using crafted HTTP headers and valid API keys.
This is not an isolated incident. The same vulnerabilities affect RND, which uses a hardcoded backend JWT secret key, allowing anyone with it to forge valid admin session tokens. Moreover, RND includes a "jailed" environment with a built-in jailbreak using a weak, hardcoded password to gain root access.
The vulnerability in RND's jailed environment is particularly concerning, as it allows an attacker to exploit CVE-2025-44955, which can be chained with other vulnerabilities to create more impactful attacks. The fact that no patches are available and no clear information on when they might be released only exacerbates the situation.
Administrators who use Ruckus vSZ and RND on their network are strongly advised to take immediate action to secure their environment. Limiting access to Ruckus management interfaces to isolated, trusted networks and enforcing access over secure protocols only can mitigate some of the risks associated with these vulnerabilities.
However, given the severity and potential impact of these vulnerabilities, it is crucial for organizations that use Ruckus Networks products to take proactive steps to address this issue. The lack of response from Ruckus Wireless (now Ruckus Networks) or its parent company, CommScope, regarding these security problems only adds to the concern.
In conclusion, the recent discovery of severe flaws in Ruckus Networks' management devices serves as a stark reminder of the importance of ongoing vulnerability management and patching. Organizations that rely on these products must prioritize securing their networks and take immediate action to address this critical vulnerability.
Related Information:
https://www.ethicalhackingnews.com/articles/Ruckus-Networks-Left-Unpatched-Severe-Flaws-Exposed-in-Management-Devices-ehn.shtml
https://www.bleepingcomputer.com/news/security/ruckus-networks-leaves-severe-flaws-unpatched-in-management-devices/
Published: Wed Jul 9 11:01:11 2025 by llama3.2 3B Q4_K_M
