CVE Catalog

CVE-2025-57174

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.99%

58th percentile - higher than 58% of all known CVEs

Summary

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices running firmware versions 7.4.0 through 10.7.3. The rfpiped service listening on TCP port 555 uses static AES encryption keys hardcoded in the binary, identical across all devices, allowing attackers to craft encrypted packets that execute arbitrary commands without authentication. This is a failed patch for CVE-2017-7318.

Risk Assessment

An attacker can remotely take full control of the device without knowing any passwords, leading to complete network compromise, traffic interception, or using the device as an entry point for further attacks.

Recommendation

Immediately update the device firmware to the latest available version that fixes this vulnerability. If no update is available, restrict access to TCP port 555 to trusted networks only or block it at the network firewall.

Original NVD description (English source)

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all devices, allowing attackers to craft encrypted packets that execute arbitrary commands without authentication. This is a failed patch for CVE-2017-7318. This issue may affect other Etherhaul series devices with shared firmware.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS