RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.
The product uses a default cryptographic key for potentially critical functionality.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ruckus_smartzone_firmware | Commscope | * | 6.1.2 (excluding) |
Ruckus_smartzone_firmware | Commscope | 6.1.2 (including) | 6.1.2 (including) |
Ruckus_smartzone_firmware | Commscope | 6.1.2-p2 (including) | 6.1.2-p2 (including) |
Ruckus_smartzone_firmware | Commscope | 6.1.2-p3 (including) | 6.1.2-p3 (including) |
Ruckus_smartzone_firmware | Commscope | 7.0.0 (including) | 7.0.0 (including) |
Ruckus_smartzone_firmware | Commscope | 7.1.0 (including) | 7.1.0 (including) |