CVE-2025-67304

{"id": "CVE-2025-67304", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2026-02-19T20:25:24.373", "references": [{"url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-009-ruckus-nd-hardcoded-postgresql-credentials-rce.md", "source": "cve@mitre.org"}, {"url": "https://webresources.commscope.com/download/assets/RUCKUS+Network+Director%3A+Critical+Security+Bypass+Vulnerability+Leading+to+Remote+Code+Execution+and/3adeb3acb69211f08a46b6532db37357", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessible over the network on TCP port 5432. An attacker can use the hardcoded credentials to authenticate remotely, gaining superuser access to the database. This allows creation of administrative users for the web interface, extraction of password hashes, and execution of arbitrary OS commands."}, {"lang": "es", "value": "En Ruckus Network Director (RND) &lt; 4.5.0.54, el dispositivo OVA contiene credenciales codificadas para el usuario de la base de datos PostgreSQL de ruckus. En la configuraci\u00f3n predeterminada, el servicio PostgreSQL es accesible a trav\u00e9s de la red en el puerto TCP 5432. Un atacante puede usar las credenciales codificadas para autenticarse remotamente, obteniendo acceso de superusuario a la base de datos. Esto permite la creaci\u00f3n de usuarios administrativos para la interfaz web, la extracci\u00f3n de hashes de contrase\u00f1as y la ejecuci\u00f3n de comandos arbitrarios del sistema operativo."}], "lastModified": "2026-02-23T14:16:20.680", "sourceIdentifier": "cve@mitre.org"}