CVE-2025-67304

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-67304
In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate remotely, gaining superuser access to the database. This allows creation of administrative users for the web interface, extraction of password hashes, and execution of arbitrary OS commands.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-009-ruckus-nd-hardcoded-postgresql-credentials-rce.md Exploit Third Party Advisory
https://webresources.commscope.com/download/assets/RUCKUS+Network+Director%3A+Critical+Security+Bypass+Vulnerability+Leading+to+Remote+Code+Execution+and/3adeb3acb69211f08a46b6532db37357 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*
History

03 Apr 2026, 11:33

Type Values Removed Values Added
First Time Commscope ruckus Network Director
Commscope
CPE cpe:2.3:a:commscope:ruckus_network_director:*:*:*:*:*:*:*:*
References () https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-009-ruckus-nd-hardcoded-postgresql-credentials-rce.md - () https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-009-ruckus-nd-hardcoded-postgresql-credentials-rce.md - Exploit, Third Party Advisory
References () https://webresources.commscope.com/download/assets/RUCKUS+Network+Director%3A+Critical+Security+Bypass+Vulnerability+Leading+to+Remote+Code+Execution+and/3adeb3acb69211f08a46b6532db37357 - () https://webresources.commscope.com/download/assets/RUCKUS+Network+Director%3A+Critical+Security+Bypass+Vulnerability+Leading+to+Remote+Code+Execution+and/3adeb3acb69211f08a46b6532db37357 - Vendor Advisory

23 Feb 2026, 14:16

Type Values Removed Values Added
CWE CWE-798
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
Summary
  • (es) En Ruckus Network Director (RND) &lt; 4.5.0.54, el dispositivo OVA contiene credenciales codificadas para el usuario de la base de datos PostgreSQL de ruckus. En la configuración predeterminada, el servicio PostgreSQL es accesible a través de la red en el puerto TCP 5432. Un atacante puede usar las credenciales codificadas para autenticarse remotamente, obteniendo acceso de superusuario a la base de datos. Esto permite la creación de usuarios administrativos para la interfaz web, la extracción de hashes de contraseñas y la ejecución de comandos arbitrarios del sistema operativo.

19 Feb 2026, 20:25

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-19 20:25

Updated : 2026-04-03 11:33

NVD link : CVE-2025-67304

Mitre link : CVE-2025-67304

CVE.ORG link : CVE-2025-67304

JSON object : View

Products Affected

commscope

  • ruckus_network_director
CWE
CWE-798

Use of Hard-coded Credentials