cbcvebase.
CVE-2025-57176
published 2025-09-15

CVE-2025-57176: On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows…

PriorityP351medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
EXPLOIT
EPSS
0.42%
33.4th percentile
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.

Affected

15 ranges
VendorProductVersion rangeFixed in
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-1200FX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-1200TX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-2200FX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-2500FX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-500TX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-5500FD < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-600TX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-614TX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-700TX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-710TX < R7.7.12R7.7.12
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon EtherHaul EH-8010FX < R10.8.1R10.8.1
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon MultiHaul MH-B100-CCS < R2.4.0R2.4.0
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon MultiHaul MH-T200-CCC < R2.4.0R2.4.0
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon MultiHaul MH-T200-CNN < R2.4.0R2.4.0
ceragon_networkssiklu_communication_etherhaul_and_multihaul_series_microwave_antennas>= Ceragon MultiHaul MH-T201-CNN < R2.4.0R2.4.0
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.