Critical security vulnerabilities have been identified in Ruckus Networks’ flagship management platforms, Virtual SmartZone (vSZ) and Ruckus Network Director (RND). Despite the severity of these flaws, no official patches have been released, leaving enterprise and public sector networks at significant risk.
Vulnerabilities Expose Enterprise WiFi Management to Attack
Security researchers from Team82 at Claroty, led by Noam Moshe, disclosed multiple vulnerabilities affecting Ruckus’ centralized WiFi management solutions. The most alarming issues include unauthenticated remote code execution, hardcoded administrative credentials, and the presence of exposed SSH keys within the management systems.
These vulnerabilities could allow a remote attacker to gain full control over the affected devices with little effort, potentially compromising entire wireless networks managed through these platforms.
- Hardcoded SSH Keys:
- vSZ: Contains hardcoded default public and private SSH keys for a built-in user with root privileges. Anyone with knowledge of these keys can gain root-level SSH access to the device (CVE-2025-44954).
- RND: Includes a root-privileged user account (
sshuser) with hardcoded public/private SSH keys, also allowing root access (CVE-2025-6243).
- Hardcoded Secrets and API Keys:
- vSZ: Embeds hardcoded secrets such as JWT signing keys and API keys directly in the code. Attackers can use these to bypass authentication and gain administrator-level access by crafting specific HTTP headers and using a valid API key (CVE-2025-44957).
- Hardcoded JWT Secret Keys:
- Hardcoded Passwords:
- Weak Encryption Keys:
Disclosure and Vendor Response
The vulnerabilities were responsibly reported to the CERT Coordination Center (CERT/CC), which attempted to coordinate remediation with Ruckus Networks, now operating under CommScope. However, according to the researchers and CERT/CC, Ruckus Networks has not responded to repeated outreach attempts, and no security updates or mitigations have been provided to customers as of this writing.
Widespread Impact
Ruckus vSZ and RND are widely deployed in large organizations, educational institutions, and government agencies. The lack of available patches or workarounds leaves a broad swath of critical infrastructure exposed to potential exploitation. Security experts warn that attackers exploiting these flaws could seize administrative control of wireless networks, intercept sensitive communications, and disrupt business operations.
Recommendations for Organizations
Until official patches are released, organizations using Ruckus vSZ or RND should take immediate action to mitigate risk:
- Isolate Management Devices: Ensure that Ruckus management appliances are not accessible from the internet or untrusted networks.
- Monitor for Updates: Regularly check Ruckus Networks’ security advisories and CERT/CC bulletins for updates.
- Consider Replacement: Evaluate the feasibility of replacing or disabling affected devices, especially in high-risk environments.
- Increase Network Monitoring: Watch for unusual activity that could indicate exploitation attempts.
Additional information
For more information and ongoing updates, refer to CERT/CC advisories and your organization’s security team.
This article is based on current public disclosures and security research as of July 2025.
