How to fix CVE-2025-67305?

Within 24 hours: Identify all RND deployments and their versions; isolate affected appliances from untrusted networks if possible. Within 7 days: Contact RUCKUS for patch timeline and interim guidance; implement network segmentation to restrict SSH access to RND appliances (port 22) to trusted administrative networks only; enable SSH access logging and monitoring. Within 30 days: Apply vendor patch immediately upon availability; regenerate all SSH keys and credentials; conduct forensic review of appliance access logs for unauthorized connections.

Is PostgreSQL affected by CVE-2025-67305?

RUCKUS Network Director appliances contain hardcoded SSH credentials that are identical across all deployments, allowing unauthenticated remote access to critical network infrastructure.

CVE-2025-67305

CRITICAL

2026-02-19 [email protected]

9.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:03 vuln.today

CVE Published

Feb 19, 2026 - 21:18 nvd

CRITICAL 9.8

Description

In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the PostgreSQL database with superuser privileges, create administrative users for the web interface, and potentially escalate privileges further.

Analysis

Hardcoded SSH keys in Ruckus Network Director OVA < 4.5.0.56 for postgres user. Same across all appliances.

Technical Context

CWE-321 static SSH keys for postgres user.

Affected Products

['Ruckus Network Director < 4.5.0.56']

Remediation

Update and regenerate SSH keys.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +49

POC: 0

CVE-2025-67305 vulnerability details – vuln.today

Back

CVE-2025-67305

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-67305

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code