Skip Navigation

July 10, 2025 |

Ruckus Networks leaves critical wi-fi management flaws unpatched

Loading table of contents...

Security researchers have uncovered nine vulnerabilities in Ruckus Networks' widely used Wi-Fi management platforms: Virtual SmartZone (vSZ) and Ruckus Network Director (RND).

Despite repeated outreach attempts by researchers and CERT/CC, Ruckus and its parent company CommScope have not responded, leaving organizations exposed to potential full compromise of their wireless infrastructure.

These products are widely used to manage large-scale wireless deployments in schools, hospitals, smart cities, and enterprise environments.

The issues range from unauthenticated remote code execution (RCE) to hardcoded credentials, authentication bypass, and weak encryption. Threat actors could exploit these flaws to:

  • Gain root-level access to management devices
  • Bypass authentication using hardcoded JWT tokens and API keys
  • Read sensitive files via path traversal
  • Execute arbitrary OS commands through unsanitized API inputs
  • Recover plaintext passwords encrypted with weak, hardcoded keys

One of the most critical issues, CVE-2025-44954, allows unauthenticated SSH access using default public/private keys embedded in the vSZ software. Anyone with access to these keys can log in as root.

The vulnerabilities could also be chained together, granting threat actors full administrative control of affected devices.

As of July 10, 2025, no official fixes, security advisories, or updates have been published.

ThreatRoundUp_SignUp_Simplifiedx2

Stay on top of emerging threats.

Sign up to receive a weekly roundup of our security intelligence feed. You'll be the first to know of emerging attack vectors, threats, and vulnerabilities. 

Sign up

Analyst notes:

To reduce exposure to the Ruckus vulnerabilities, immediately disconnect all Ruckus vSZ and RND management interfaces from internet-facing networks and ensure they’re only accessible from trusted internal segments.

Use strong, unique credentials for every account, disable default keys, and restrict access to administrative interfaces through secure protocols like HTTPS and SSH.

Meanwhile, monitor logs for suspicious activity and consider migrating to alternative systems if patches remain unavailable.