62 matches found
CVE-2025-57175
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...
EUVD-2025-209317
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...
CVE-2025-57175
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...
CVE-2025-57175
CVE-2025-57175 affects Siklu EtherHaul 8010 devices (image siklu-uimage-nxp-enc-10_6_2-18707-ea552dc00b). The root cause is a static root password present in the affected firmware image. Impact is stated as high confidentiality/integrity/availability (per CVSS) with physical attack vector and hig...
CVE-2025-57175
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...
Siklu EtherHaul 安全漏洞
Siklu EtherHaul is a series of millimeter-wave wireless transmission devices developed by Siklu Corporation. The Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b version contains a security vulnerability, which stems from the presence of a static root password...
CVE-2025-57175
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...
Ceragon Siklu MultiHaul and EtherHaul Series
RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary file upload to the target equipment. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilityies, such as: When remote access is...
📄 Siklu EtherHaul Series EH-8010 / EH-1200 File Upload
PHP proof of concept for a critical vulnerability that exists in Siklu EtherHaul EH-8010 and EH-1200 devices running firmware versions 7.4.0 through 10.7.3. The rfpiped service exposed on TCP port 555 uses hardcoded AES-256-CBC encryption parameters static key and IV and lacks any authentication...
📄 Siklu EtherHaul Series EH-8010 / EH-1200 Arbitrary File Upload
This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Siklu EtherHaul wireless backhaul devices. By abusing the proprietary encrypted RFPipe protocol, an unauthenticated remote attacker can upload arbitrary files to the target system without valid credentials...
📄 Siklu EtherHaul EH-8010 / EH-1200 Vulnerability Scanner
This PHP-based scanner safely detects an unauthenticated remote command execution vulnerability in Siklu EtherHaul EH-8010 and EH-1200 devices by sending a non-destructive encrypted probe command and validating the response. The scanner does not alter device state and is suitable for large-scale...
📄 Siklu EtherHaul Series EH-8010 / EH-1200 Remote Command Execution
Siklu EtherHaul Series EH-8010 and EH-1200 with firmware versions between 7.4.0 and 10.7.3 suffer from a remote command execution vulnerability. Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 -...
📄 Siklu EtherHaul Series EH-8010 / EH-1200 Arbitrary File Upload
Siklu EtherHaul Series EH-8010 and EH-1200 with firmware versions between 7.4.0 and 10.7.3 suffer from an unauthenticated arbitrary file upload vulnerability. Exploit Title: Siklu EtherHaul Series - Unauthenticated Arbitrary File Upload Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit...
Siklu EtherHaul Series EH-8010 - Arbitrary File Upload
Exploit Title: Siklu EtherHaul Series - Unauthenticated Arbitrary File Upload Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 - Andrew James Vendor Homepage: https://www.ceragon.com/products/siklu-by-ceragon Software Link: ftp://ftp.bubakov.net/siklu/ Version: EH-8010...
Siklu EtherHaul Series EH-8010 - Remote Command Execution
Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 - Andrew James Vendor Homepage: https://www.ceragon.com/products/siklu-by-ceragon Software Link: ftp://ftp.bubakov.net/siklu/ Version: EH-8010 and...
CVE-2024-58300
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling...
EUVD-2024-55332
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling...
CVE-2024-58300
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling...
CVE-2024-58300 Siklu MultiHaul TG Series < 2.0.0 Unauthenticated Credential Disclosure Vulnerability
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling...
CVE-2024-58300
The CVE-2024-58300 affects Siklu MultiHaul TG series devices before version 2.0.0. An unauthenticated vulnerability allows remote attackers to retrieve randomly generated credentials by sending a specific hex-encoded command to port 12777, yielding the username and password and enabling direct SS...