### Key Information

#### Vulnerability Overview

- **Product**: RUCKUS Virtual SmartZone (vSZ) and RUCKUS Network Director (RND)
- **Vulnerability Type**: Multiple vulnerabilities, including authentication bypass, hardcoded keys, arbitrary file read, and unauthorized remote code execution.
- **Impact**: These vulnerabilities can lead to complete compromise of the environments managed by the affected software.

#### Description

- **Hardcoded Keys**: JWT signing keys, API keys and similar secrets are hardcoded in the vSZ application. Anyone who extracts them can use them to obtain administrator privileges.
- **Authentication Bypass**: By supplying specific HTTP headers together with a valid API key, an attacker can bypass the authentication mechanism and obtain administrator-level access.
- **Arbitrary File Read**: vSZ exposes a file-download function. The directory it serves from is hardcoded and the requested name is not confined to it, so a user can traverse out of that directory and read sensitive files elsewhere on the system.
- **Remote Code Execution**: OS command injection. Parameters are passed to a command without sanitization, so input containing shell special elements causes attacker-supplied commands to execute.
- **Hardcoded Private Key**: A hardcoded cryptographic key lets an attacker generate valid JWTs, bypassing genuine authentication.
- **Weak Password Storage**: Passwords are stored in a reversible format, so an attacker who obtains them can decrypt them and recover the plaintext.

#### Impact

- The impact ranges from information disclosure to full control over the wireless environment. For example, an attacker can gain full administrator access to vSZ through its API, and with it complete control over the vSZ-managed wireless environment.

#### Solution

- RUCKUS has released patches for each affected product. Deploy vSZ and RND following security best practices and restrict network access to potentially vulnerable devices.
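The following is an added illustration, not code from the advisory or from RUCKUS, of why a hardcoded JWT signing key amounts to an authentication bypass. It implements HS256 signing and verification with only the standard library; `HARDCODED_SECRET`, the claim names and the one-hour lifetime are assumptions chosen for the example. The same forged token is accepted by a verifier that still uses the shipped key and rejected once the key is replaced by a per-installation random one.

```python
import base64
import hashlib
import hmac
import json
import os
import time
from typing import Optional, Tuple

# Hypothetical stand-in for a signing key shipped inside an application.
# Illustrative value only, not the real key from any product.
HARDCODED_SECRET = b"example-shipped-signing-key"


def _b64url(data: bytes) -> str:
    """Base64url without padding, as JWT requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_jwt(claims: dict, key: bytes) -> str:
    """Produce an HS256 JWT over `claims` with `key`."""
    header = {"alg": "HS256", "typ": "JWT"}
    compact = lambda obj: json.dumps(obj, separators=(",", ":")).encode()
    signing_input = f"{_b64url(compact(header))}.{_b64url(compact(claims))}"
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_jwt(token: str, key: bytes) -> Optional[dict]:
    """Return the claims if the token is validly signed with `key`, else None."""
    try:
        h, p, s = token.split(".")
        header = json.loads(_b64url_decode(h))
    except (ValueError, UnicodeDecodeError):
        return None
    # Pin the algorithm so "none" or a swapped alg header cannot be used.
    if header.get("alg") != "HS256":
        return None
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        return None
    claims = json.loads(_b64url_decode(p))
    if claims.get("exp", 0) < time.time():
        return None
    return claims


def forge_admin_token(key: bytes) -> str:
    """Attacker side: with the extracted key, mint an administrator token."""
    claims = {"sub": "admin", "role": "admin", "exp": int(time.time()) + 3600}
    return sign_jwt(claims, key)


def demo() -> Tuple[bool, bool]:
    """(accepted by a verifier using the shipped key, accepted after key rotation)."""
    forged = forge_admin_token(HARDCODED_SECRET)
    accepted_by_vulnerable = verify_jwt(forged, HARDCODED_SECRET) is not None
    per_install_key = os.urandom(32)  # the fix: generate the key at install time
    accepted_by_fixed = verify_jwt(forged, per_install_key) is not None
    return accepted_by_vulnerable, accepted_by_fixed


if __name__ == "__main__":
    print(demo())
```

The verifier also pins `alg` to HS256; a hardcoded key is the defect this advisory describes, but a verifier that honours whatever `alg` the token carries is a second, independent way to lose.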
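As a second added example (again not code from the advisory or the vendor), the two input-handling defects named above, path traversal out of a hardcoded download directory and OS command injection, are shown side by side with their hardened forms. `DOWNLOAD_ROOT`, the `echo`-based command and the hostname pattern are assumptions for the example; the point is the check, not the specific command.

```python
import os
import re
import subprocess
from pathlib import Path
from typing import List, Optional

# Hypothetical download directory; not the real path used by any product.
DOWNLOAD_ROOT = Path("/opt/example/exports")


def vulnerable_resolve(name: str) -> Path:
    """Joins user input onto the fixed directory: "../../etc/passwd" escapes it."""
    return Path(os.path.join(str(DOWNLOAD_ROOT), name))


def safe_resolve(name: str, root: Path = DOWNLOAD_ROOT) -> Optional[Path]:
    """Return the target only if it stays strictly inside `root` after
    normalising "..", absolute paths and symlinks; otherwise None."""
    root_real = root.resolve()
    candidate = (root_real / name).resolve()
    if candidate == root_real:
        return None  # the directory itself is not a downloadable file
    if os.path.commonpath([root_real, candidate]) != str(root_real):
        return None
    return candidate


def vulnerable_echo(value: str) -> str:
    """Interpolates the parameter into a shell command line. Input such as
    "a; echo INJECTED" runs a second command."""
    cmd = f"echo {value}"
    out = subprocess.run(["sh", "-c", cmd], capture_output=True, text=True)
    return out.stdout


_HOST_RE = re.compile(r"[A-Za-z0-9.\-]{1,253}")


def safe_argv(value: str) -> List[str]:
    """Allow-list the parameter and build an argv list; never a shell string."""
    if not _HOST_RE.fullmatch(value):
        raise ValueError("parameter contains characters outside the allow-list")
    return ["echo", value]


def safe_echo(value: str) -> str:
    # shell=False (the default for an argv list): no shell parses the value.
    out = subprocess.run(safe_argv(value), capture_output=True, text=True)
    return out.stdout


if __name__ == "__main__":
    print(vulnerable_resolve("../../../etc/passwd"))
    print(safe_resolve("../../../etc/passwd"))
    print(vulnerable_echo("a; echo INJECTED"), end="")
    try:
        safe_echo("a; echo INJECTED")
    except ValueError as exc:
        print("rejected:", exc)
```

Two details matter in `safe_resolve`: the check runs after `resolve()`, so symlinks inside the export directory that point elsewhere are caught as well, and `commonpath` rather than a string prefix test is used, so `/opt/example/exports-old` is not mistaken for a child of `/opt/example/exports`.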
#### Additional Information

- **CVE IDs**: CVE-2025-44955, CVE-2025-44957, CVE-2025-44958, CVE-2025-44960, CVE-2025-44961, CVE-2025-44962, CVE-2025-44963, CVE-2025-6243
- **Release Date**: 2025-07-08
- **Last Updated**: 2025-07-24 22:12 UTC