CVE-2025-69426

Vulnerability Description

The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables SCP and pseudo-TTY allocation, an attacker can authenticate using the hardcoded credentials and establish SSH local port forwarding to access the Docker socket. By mounting the host filesystem via Docker, an attacker can escape the container and execute arbitrary OS commands as root on the underlying vRIoT controller, resulting in complete system compromise.

Vulnerability Details

Published Date

January 09, 2026

Last Modified

January 13, 2026

CWE ID

CWE-732

Source

NVD

External References

https://support.ruckuswireless.com/security_bulletins/336
https://www.vulncheck.com/advisories/ruckus-vriot-iot-controller-hardcoded-ssh-credentials-rce

CVE-2025-69426

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment