CVE-2025-67305
Received Received - Intake

Hardcoded SSH Keys in RUCKUS RND OVA Enable Privilege Escalation

Vulnerability report for CVE-2025-67305, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-19

Last updated on: 2026-04-03

Assigner: MITRE

Description

In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the PostgreSQL database with superuser privileges, create administrative users for the web interface, and potentially escalate privileges further.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-19
Last Modified
2026-04-03
Generated
2026-07-06
AI Q&A
2026-02-19
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
commscope ruckus_network_director to 4.5.0.56 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-321 The product uses a hard-coded, unchangeable cryptographic key.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in RUCKUS Network Director (RND) versions prior to 4.5.0.56. The OVA appliance includes hardcoded SSH keys for the postgres user that are the same across all deployments. This allows an attacker who has network access to authenticate via SSH without needing a password.

Once the attacker authenticates using these keys, they can access the PostgreSQL database with superuser privileges. This access enables them to create administrative users for the web interface and potentially escalate their privileges further.

Impact Analysis

The vulnerability can have serious impacts including unauthorized access to the PostgreSQL database with superuser privileges. An attacker can create administrative users on the web interface, which compromises the security and integrity of the system.

This unauthorized access can lead to data breaches, manipulation or deletion of critical data, and further privilege escalation within the network environment.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67305. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart