CVE-2025-44954

Опубликовано: 04 авг. 2025

Источник: nvd

CVSS3: 9

CVSS3: 9.8

EPSS Низкий

Описание

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.

Ссылки

https://claroty.com/team82/disclosure-dashboard/cve-2025-44954
Third Party Advisory
https://kb.cert.org/vuls/id/613753
Third Party Advisory
US Government Resource
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:commscope:ruckus_smartzone_firmware:*:*:*:*:*:*:*:*

Версия до 6.1.2 (исключая)

cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:-:*:*:*:*:*:*

cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p2:*:*:*:*:*:*

cpe:2.3:o:commscope:ruckus_smartzone_firmware:6.1.2:p3:*:*:*:*:*:*

cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.0.0:*:*:*:*:*:*:*

cpe:2.3:o:commscope:ruckus_smartzone_firmware:7.1.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:a:commscope:ruckus_virtual_smartzone:-:*:*:*:*:*:*:*

cpe:2.3:a:commscope:ruckus_virtual_smartzone-federal:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_c110:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_e510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_h320:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_h350:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_h510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_m510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r320:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r510:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r560:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r610:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r710:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r720:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r730:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_r750:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_smartzone_100:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_smartzone_100-d:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_smartzone_144:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_smartzone_144-federal:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_smartzone_300:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_smartzone_300-federal:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t310c:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t310d:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t310n:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t310s:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t350se:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t750:-:*:*:*:*:*:*:*

cpe:2.3:h:commscope:ruckus_t750se:-:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00056

Низкий

9 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-1394

Связанные уязвимости

GHSA-26hc-78hm-m2x7

CVSS3: 9

github

3 месяца назад

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.

EPSS

Процентиль: 17%

0.00056

Низкий

9 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-1394