vRIoT IoT Controller

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-69426	Ruckus vRIoT IoT Controller	Cri	0.65	—	0.00		Jan 9, 2026	The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables…
CVE-2025-69425	Ruckus vRIoT IoT Controller	Cri	0.65	—	0.00		Jan 9, 2026	The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password (TOTP) secret and an embedded static…

CVE-2025-69426CriJan 9, 2026
Ruckus
vRIoT IoT Controller
risk 0.65cvss —epss 0.00
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables…
CVE-2025-69425CriJan 9, 2026
Ruckus
vRIoT IoT Controller
risk 0.65cvss —epss 0.00
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA) expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password (TOTP) secret and an embedded static…