Home
Description
In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the PostgreSQL database with superuser privileges, create administrative users for the web interface, and potentially escalate privileges further.
References
webresources.commscope.com/...deb3acb69211f08a46b6532db37357
github.com/...D-2025-012-ruckus-nd-hardcoded-ssh-keys-rce.md