- Security researchers found nine defects in two Ruckus products
- The flaws have not yet been patched, so users must be careful
- Users advised to limit access to wireless management environments
Almost a dozen vulnerabilities have been found in two Ruckus Networks products that could be abused to take total control over the network environments in which they operate.
Ruckus Networks (previously Ruckus Wireless) is a network equipment manufacturer whose products include Virtual SmartZone (VSZ) and Ruckus Network Director (RND).
VSZ is a virtualized network controller that manages Ruckus access points and switches. It is generally used by medium to large companies for centralized control, scalability and advanced Wi-Fi management features. RND, on the other hand, is a centralized network management platform used for the deployment, monitoring and maintenance of wired and wireless Ruckus networks.
Significant disruption
At the time of publication, the vulnerabilities remain unpatched, putting countless companies at risk.
According to Noam Moshe of Claroty's research arm, Team82, the two products have these nine vulnerabilities:
- CVE-2025-44957 - VSZ contains hardcoded sections that allow authentication bypass and administrator-level access using crafted HTTP headers and valid API keys
- CVE-2025-44962 - Path traversal in VSZ that allows arbitrary file reads by authenticated users
- CVE-2025-44954 - VSZ has hardcoded default public/private SSH keys that allow anyone to connect to vulnerable devices with root access
- CVE-2025-44960 - VSZ has an API route with a user-controlled parameter that is not sanitized, allowing arbitrary operating system command execution
- CVE-2025-44961 - Command injection in VSZ allows an authenticated user to supply an unsanitized IP address to an OS command
- CVE-2025-44963 - RND uses a hardcoded backend secret key, allowing anyone who holds it to produce valid administrator session tokens
- CVE-2025-44955 - RND includes a "jailed" environment with a built-in jailbreak that uses a weak hardcoded password to obtain root access
- CVE-2025-6243 - RND includes a root-privileged user (sshuser) with hardcoded public/private SSH keys that allow root access
- CVE-2025-44958 - RND encrypts stored passwords with a weak hardcoded secret key and can return them in plaintext if it is compromised
Moshe reported his findings to Carnegie Mellon University's CERT Coordination Center (CERT/CC), which confirmed that the flaws can be abused to cause significant disruption to companies.
"The impact of these vulnerabilities ranges from information leakage to total compromise of the wireless environment managed by the affected products. As an example, an attacker with network access to Ruckus Wireless VSZ can exploit CVE-2025-44954 to obtain full administrator access, which will lead to total compromise of the VSZ wireless management environment."
"In addition, multiple vulnerabilities can be chained to create chained attacks that can allow the attacker to combine attacks to bypass any security control that prevents only specific attacks."
Severity scores have not yet been assigned, and Ruckus has not yet released a patch.
Therefore, to mitigate the risk, CERT/CC advises network administrators to limit access to the wireless management environments that use the affected products, allowing only a limited set of trusted users and their authenticated clients to manage Ruckus infrastructure over a secure protocol.
Via BleepingComputer