CVE-2025-44958 – RUCKUS Network Director (RND) versions before 4... (How to Fix)

Q: What is the severity of CVE-2025-44958?

CVE-2025-44958 has a CVSS score of 5.3 (MEDIUM). RUCKUS Network Director (RND) versions before 4.5 store passwords in a recoverable format instead of using secure hashing. This vulnerability allows attackers with access to the system to potentially retrieve stored passwords, affecting organizations using vulnerable RND installations for network management.

📋 TL;DR

RUCKUS Network Director (RND) versions before 4.5 store passwords in a recoverable format instead of using secure hashing. This vulnerability allows attackers with access to the system to potentially retrieve stored passwords, affecting organizations using vulnerable RND installations for network management.

💻 Affected Systems

Products:

RUCKUS Network Director (RND)

Versions: All versions before 4.5

Operating Systems: Not OS-specific - affects RND appliance/software

Default Config Vulnerable: ⚠️ Yes

Notes: All default installations of affected versions are vulnerable. The vulnerability exists in how RND stores authentication credentials internally.

📦 What is this software?

Ruckus Network Director by Commscope

View all CVEs affecting Ruckus Network Director →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain administrative access to the entire network infrastructure managed by RND, enabling complete network compromise, data exfiltration, and lateral movement.

🟠

Likely Case

Attackers with existing access to the system extract stored credentials, potentially escalating privileges or accessing other network devices.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to the RND system itself rather than the entire network.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires some level of access to the RND system to access stored password data. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: RND 4.5 or later

Vendor Advisory: https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e

Restart Required: No

Instructions:

1. Download RND version 4.5 or later from RUCKUS support portal. 2. Backup current configuration. 3. Apply the update through the RND web interface or CLI. 4. Verify successful upgrade and functionality.

🔧 Temporary Workarounds

Restrict Access to RND System

all

Limit network access to RND management interface to authorized administrators only using firewall rules and network segmentation.

Implement Strong Authentication

all

Use multi-factor authentication for RND administrative access and ensure strong, unique passwords are used for all accounts.

🧯 If You Can't Patch

Implement strict network segmentation to isolate RND system from critical network segments
Enable comprehensive logging and monitoring for unauthorized access attempts to RND

🔍 How to Verify

Check if Vulnerable:

Check RND version via web interface (System > About) or CLI command 'show version'. If version is below 4.5, system is vulnerable.

Check Version:

show version

Verify Fix Applied:

After upgrading, verify version is 4.5 or higher and check that password storage mechanism has been updated to use secure hashing.

📡 Detection & Monitoring

Log Indicators:

Unauthorized access attempts to RND system
Unusual authentication patterns
Configuration changes to password storage

Network Indicators:

Unexpected connections to RND management ports
Traffic patterns suggesting credential extraction

SIEM Query:

source="RND" AND (event_type="authentication" OR event_type="configuration_change")

📊 Metadata

CVE ID: CVE-2025-44958

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE: CWE-257

EPSS Score: 0.03% exploit probability (7.6th percentile)

Published: August 4, 2025

Last Updated: November 3, 2025

🔗 References

https://claroty.com/team82/disclosure-dashboard/cve-2025-44958 Third Party Advisory
https://kb.cert.org/vuls/id/613753 Third Party Advisory
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e Vendor Advisory
https://www.kb.cert.org/vuls/id/613753

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-44958, you might also want to check these: