cbcvebase.
CVE-2025-69426
published 2026-01-09

CVE-2025-69426: The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an…

PriorityP277critical10CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCHSIHSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.39%
30.6th percentile
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables SCP and pseudo-TTY allocation, an attacker can authenticate using the hardcoded credentials and establish SSH local port forwarding to access the Docker socket. By mounting the host filesystem via Docker, an attacker can escape the container and execute arbitrary OS commands as root on the underlying vRIoT controller, resulting in complete system compromise.

Affected

3 ranges
VendorProductVersion rangeFixed in
ruckus_networksvriot_iot_controller>= 2.3.0.0 (GA) < 3.0.0.0 (GA)3.0.0.0 (GA)
ruckus_networksvriot_iot_controller>= 2.3.1.0 (MR) < 3.0.0.0 (GA)3.0.0.0 (GA)
ruckus_networksvriot_iot_controller>= 2.4.0.0 (GA) < 3.0.0.0 (GA)3.0.0.0 (GA)
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.