37 matches found
CVE-2025-67305
In RUCKUS Network Director RND 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the...
CVE-2025-67305
In RUCKUS Network Director RND 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the...
CVE-2025-67304
In Ruckus Network Director RND 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate...
CVE-2025-67305
In RUCKUS Network Director RND 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the...
CVE-2025-67304
In Ruckus Network Director RND 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate...
CVE-2025-67304
In Ruckus Network Director RND 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate...
CVE-2025-67305
In RUCKUS Network Director RND 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the...
CVE-2025-67304
In Ruckus Network Director (RND) versions prior to 4.5.0.54, the OVA appliance ships with hardcoded credentials for the PostgreSQL database user. By default, PostgreSQL is exposed over the network on TCP port 5432, enabling remote authentication with these credentials. The resulting access grants...
CVE-2025-67305
Affected software: RUCKUS Network Director (RND) OVA appliances prior to 4.5.0.56. Vulnerability: hardcoded SSH keys for the postgres user are identical across deployments, enabling network-authenticated SSH without a password. Impact (as stated): attacker can access the PostgreSQL database with ...
PT-2026-20926
Name of the Vulnerable Software and Affected Versions RUCKUS Network Director versions prior to 4.5.0.56 Description RUCKUS Network Director RND OVA appliances include hardcoded SSH keys for the postgres user. These keys are consistent across all deployments. An attacker with network access can u...
RUCKUS Network Director 安全漏洞
Ruckus Network Director is a wireless network monitoring software developed by Ruckus Corporation. Versions of Ruckus Network Director prior to 4.5.0.54 contained security vulnerabilities. These vulnerabilities stemmed from the OVA devices having hardcoded PostgreSQL database user credentials,...
RUCKUS Network Director 安全漏洞
RUCKUS Network Director is a wireless network monitoring software developed by RUCKUS Corporation. Versions of RUCKUS Network Director prior to 4.5.0.56 contained security vulnerabilities. These vulnerabilities stemmed from the OVA devices having hardcoded SSH keys, which could allow unauthorized...
EUVD-2025-23514
Malicious code in bioql PyPI...
EUVD-2025-23516
Malicious code in bioql PyPI...
EUVD-2025-23511
Malicious code in bioql PyPI...
CVE-2025-44958
RUCKUS Network Director RND before 4.5 stores passwords in a recoverable format...
CVE-2025-44963
RUCKUS Network Director RND before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key...
CVE-2025-44955
RUCKUS Network Director RND before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password...
CVE-2025-44963
RUCKUS Network Director RND before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key...
CVE-2025-44963
RUCKUS Network Director RND before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key...