CVE-2025-69425
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-09

Last updated on: 2026-01-09

Assigner: VulnCheck

Description
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password (TOTP) secret and an embedded static token. An attacker who extracts these credentials from the appliance or a compromised device can generate valid authentication tokens and execute arbitrary OS commands with root privileges, resulting in complete system compromise.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-09
Last Modified
2026-01-09
Generated
2026-06-16
AI Q&A
2026-01-10
EPSS Evaluated
2026-06-14
NVD
CVE-2025-69425
EUVD
EUVD-2026-1705
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ruckus vrioiot_controller to 3.0.0.0 (exc)
ruckus vrioiot_controller 2.4.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-69425 is a critical vulnerability in Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA). It exposes a command execution service on TCP port 2004 that runs with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password (TOTP) secret and an embedded static token. An attacker who extracts these credentials from the device or a compromised appliance can generate valid authentication tokens and execute arbitrary operating system commands with root privileges, resulting in complete system compromise. [1, 2]

Impact Analysis

This vulnerability can allow a remote attacker to bypass authentication and access controls on the affected Ruckus IoT Controller, gaining shell access with root privileges. This means the attacker can execute any operating system command with full control over the device, potentially leading to complete system compromise, unauthorized access to sensitive data, disruption of services, and further attacks within the network. [1, 2]

Detection Guidance

You can detect this vulnerability by scanning your network for devices running the Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 that have TCP port 2004 open. Since the vulnerable service runs on TCP port 2004 with root privileges, a simple network scan using tools like nmap can help identify exposed devices. For example, you can run: nmap -p 2004 <target-ip-range> to check for open port 2004. Additionally, inspecting the device firmware version to confirm if it is prior to 3.0.0.0 is necessary. However, no specific commands for authentication token testing or exploitation are provided in the resources. [2]

Mitigation Strategies

Immediate mitigation steps include upgrading the Ruckus vRIoT IoT Controller firmware to a fixed version. The recommended stable software release addressing these vulnerabilities is RUCKUS IoT 2.4.0.0 (GA) vRIoT Server Software Release for HyperVisor, distributed as a .tar.gz upgrade image. Additionally, restricting network access to TCP port 2004 to trusted hosts only and monitoring for any suspicious activity on this port can help reduce risk until the upgrade is applied. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-69425. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart