CVE-2025-57176 - Vulnerability Details

On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00596.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Ceragon Networks / Siklu Communication

EtherHaul and MultiHaul Series microwave antennas

unaffected

Version	Status	Constraints
`Ceragon MultiHaul MH-B100-CCS`	affected	< R2.4.0
`Ceragon MultiHaul MH-T200-CCC`	affected	< R2.4.0
`Ceragon MultiHaul MH-T200-CNN`	affected	< R2.4.0
`Ceragon MultiHaul MH-T201-CNN`	affected	< R2.4.0
`Ceragon EtherHaul EH-8010FX`	affected	< R10.8.1
`Ceragon EtherHaul EH-500TX`	affected	< R7.7.12
`Ceragon EtherHaul EH-600TX`	affected	< R7.7.12
`Ceragon EtherHaul EH-614TX`	affected	< R7.7.12
`Ceragon EtherHaul EH-700TX`	affected	< R7.7.12
`Ceragon EtherHaul EH-710TX`	affected	< R7.7.12
`Ceragon EtherHaul EH-1200TX`	affected	< R7.7.12
`Ceragon EtherHaul EH-1200FX`	affected	< R7.7.12
`Ceragon EtherHaul EH-2200FX`	affected	< R7.7.12
`Ceragon EtherHaul EH-2500FX`	affected	< R7.7.12
`Ceragon EtherHaul EH-5500FD`	affected	< R7.7.12

No data.

Project Subscriptions

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2025-29215	The rfpiped service on TCP port 555 in Ceragon Networks / Siklu Communication EtherHaul series (8010TX and 1200FX tested) Firmware 7.4.0 through 10.7.3 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-04

History

Wed, 11 Mar 2026 04:30:00 +0000

Type	Values Removed	Values Added
References	http://ceragon.com http://etherhaul.com

Wed, 11 Mar 2026 04:00:00 +0000

Type	Values Removed	Values Added
Description	The rfpiped service on TCP port 555 in Ceragon Networks / Siklu Communication EtherHaul series (8010TX and 1200FX tested) Firmware 7.4.0 through 10.7.3 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.	On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.
References		https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-04
Metrics	cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N'}`	cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}`

Mon, 15 Sep 2025 20:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-434
Metrics		cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 15 Sep 2025 17:15:00 +0000

Type	Values Removed	Values Added
Description		The rfpiped service on TCP port 555 in Ceragon Networks / Siklu Communication EtherHaul series (8010TX and 1200FX tested) Firmware 7.4.0 through 10.7.3 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.
References		http://ceragon.com http://etherhaul.com

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-09-15T00:00:00.000Z

Updated: 2026-03-11T03:47:21.304Z

Reserved: 2025-08-17T00:00:00.000Z

Link: CVE-2025-57176

Vulnrichment

Updated: 2025-09-15T18:10:39.443Z

NVD

Status : Awaiting Analysis

Published: 2025-09-15T17:15:35.220

Modified: 2026-03-11T04:17:23.773

Link: CVE-2025-57176

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-434

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object