Ruckus SmartZone
cpe:2.3:o:ruckuswireless:smartzone:*:*:*:*:*:*:*
A vulnerability exists in Ruckus SmartZone (SZ) versions prior to 6.1.2p3 Refresh Build and Ruckus Network Director (RND) due to a hardcoded SSH private key for a user account with root-equivalent privileges. This private key allows unauthorized access to the affected system via SSH, granting root-level permissions. The vulnerability arises from the inclusion of default cryptographic keys that can be exploited for authentication bypass and unauthorized access.
Exploitation of this vulnerability allows for unauthenticated remote code execution on the affected system, with access as a user with root privileges.
Ruckus Networks has released patches for this vulnerability. Users are advised to upgrade to Ruckus SmartZone versions 6.1.2.p3, 7.1, 5.2.2, or 5.2.1.3, and to Ruckus Network Director versions 3.0, 4.0, or 4.5. For more information, consult the Ruckus Security Advisory ID 20250710.
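A post-upgrade check for the hardcoded-key condition described above, as an added example that is not taken from the Ruckus advisory or this page: it computes OpenSSH SHA256 fingerprints for the entries of an exported `authorized_keys` file and flags any that appear on a denylist. The key material and denylisted fingerprint are constructed placeholders, since the page does not publish them, and the function names are hypothetical.

```python
import base64
import hashlib
import struct


def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public-key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def key_blob(line):
    """Return the base64 key blob of an authorized_keys line, else None."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None
    # Options may precede the key type, so try each adjacent pair and accept
    # the one whose blob really starts with the key-type name it follows.
    for ktype, b64 in zip(fields, fields[1:]):
        try:
            raw = base64.b64decode(b64, validate=True)
        except ValueError:
            continue
        if len(raw) > 4:
            n = struct.unpack(">I", raw[:4])[0]
            if raw[4:4 + n] == ktype.encode():
                return b64
    return None


def audit(authorized_keys_text, denied):
    """List (line number, fingerprint) for every entry whose key is denied."""
    hits = []
    for lineno, line in enumerate(authorized_keys_text.splitlines(), 1):
        b64 = key_blob(line)
        if b64 and fingerprint(b64) in denied:
            hits.append((lineno, fingerprint(b64)))
    return hits


def _sample_key(seed):
    """Constructed ssh-ed25519 blob for the demo; not a real key."""
    raw = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32)
    return base64.b64encode(raw + bytes([seed]) * 32).decode()


BAD, GOOD = _sample_key(0x41), _sample_key(0x42)
DENIED = {fingerprint(BAD)}  # placeholder: use the vendor-supplied fingerprint
SAMPLE = "\n".join([         # constructed authorized_keys export
    "# exported from appliance",
    f"ssh-ed25519 {GOOD} admin@example",
    f'no-pty,command="/bin/true" ssh-ed25519 {BAD} vendor-default',
])

if __name__ == "__main__":
    for lineno, fp in audit(SAMPLE, DENIED):
        print(f"line {lineno}: denied key {fp}")
```

An empty result from `audit` means none of the listed keys match the denylist; it does not replace upgrading to a fixed release.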