RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.