CVE-2025-57176

MEDIUM

Ceragon Networks EtherHaul - Unauthenticated File Upload

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-57176. PoCs published by semaja2, semaja22.

AI-analyzed exploit summary: This exploit leverages an unauthenticated arbitrary file upload vulnerability in Siklu EtherHaul devices by crafting encrypted packets to upload files via a proprietary protocol on port 555. It uses AES-CBC encryption with a hardcoded key and IV to bypass authentication and upload payloads to specified paths.

Description

On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.

Exploits (2)

exploitdb WORKING POC
by semaja2 · python · webapps · multiple
https://www.exploit-db.com/exploits/52467

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Siklu EtherHaul Series (EH-8010, EH-1200) Firmware 7.4.0 - 10.7.3
No auth needed
Prerequisites: Network access to target device on port 555 · Knowledge of target path for file upload
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by semaja22 · poc
https://github.com/semaja22/CVE-2025-57176

This PoC exploits an unauthenticated arbitrary file upload vulnerability in Siklu EtherHaul Series devices by crafting a malicious packet with AES-CBC encryption and sending it to the target device on port 555. The exploit allows an attacker to upload arbitrary files to the device without authentication.

Classification: Working PoC 95%
Attack Type: Other
Complexity: Moderate
Reliability: Reliable
Target: Siklu EtherHaul Series (Firmware 7.4.0 - 10.7.3)
No auth needed
Prerequisites: Network access to the target device · Target device running vulnerable firmware
devstral-2 · analyzed Feb 16, 2026

References (3)

Various Sources: http://ceragon.com
Various Sources: http://etherhaul.com
Third Party Advisory, US Government Resource: https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-04

Scores

CVSS v3 6.5
EPSS 0.0042
EPSS Percentile 33.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE: CWE-434
Status: published
Products (15)
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-1200FX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-1200TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-2200FX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-2500FX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-500TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-5500FD - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-600TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-614TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-700TX - R7.7.12
Ceragon Networks / Siklu Communication/EtherHaul and MultiHaul Series microwave antennas Ceragon EtherHaul EH-710TX - R7.7.12
... and 5 more
Published Sep 15, 2025
Tracked Since Feb 18, 2026