CVE-2025-57176
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption (metadata only) with file contents transmitted in cleartext. No authentication or path validation is performed.
| CWE | CWE-434 |
| Vendor | ceragon networks / siklu communication |
| Product | etherhaul and multihaul series microwave antennas |
| Published | Sep 15, 2025 |
| Last Updated | Mar 11, 2026 |
Stay Ahead of the Next One
Get instant alerts for ceragon networks / siklu communication etherhaul and multihaul series microwave antennas
Be the first to know when new medium vulnerabilities affecting ceragon networks / siklu communication etherhaul and multihaul series microwave antennas are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Ceragon Networks / Siklu Communication / EtherHaul and MultiHaul Series microwave antennas
Ceragon MultiHaul MH-B100-CCS < R2.4.0 Ceragon MultiHaul MH-T200-CCC < R2.4.0 Ceragon MultiHaul MH-T200-CNN < R2.4.0 Ceragon MultiHaul MH-T201-CNN < R2.4.0 Ceragon EtherHaul EH-8010FX < R10.8.1 Ceragon EtherHaul EH-500TX < R7.7.12 Ceragon EtherHaul EH-600TX < R7.7.12 Ceragon EtherHaul EH-614TX < R7.7.12 Ceragon EtherHaul EH-700TX < R7.7.12 Ceragon EtherHaul EH-710TX < R7.7.12 Ceragon EtherHaul EH-1200TX < R7.7.12 Ceragon EtherHaul EH-1200FX < R7.7.12 Ceragon EtherHaul EH-2200FX < R7.7.12 Ceragon EtherHaul EH-2500FX < R7.7.12 Ceragon EtherHaul EH-5500FD < R7.7.12