CVE-2025-57176
MEDIUMCeragon Networks EtherHaul - Unauthenticated File Upload
Title source: llmDescription
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.
Exploits (2)
Scores
CVSS v3
6.5
EPSS
0.0046
EPSS Percentile
64.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-434
Status
published
Products (15)
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-1200FX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-1200TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-2200FX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-2500FX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-500TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-5500FD - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-600TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-614TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-700TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas
Ceragon EtherHaul EH-710TX - R7.7.12
... and 5 more
Published
Sep 15, 2025
Tracked Since
Feb 18, 2026