CVE-2025-57174
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-57174
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all devices, allowing attackers to craft encrypted packets that execute arbitrary commands without authentication. This is a failed patch for CVE-2017-7318. This issue may affect other Etherhaul series devices with shared firmware.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ceragon EtherHaul series 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ceragon EtherHaul series是美国Ceragon公司的一款点对点无限链路设备。 Ceragon EtherHaul series 7.4.0版本至10.7.3版本及之前版本存在安全漏洞,该漏洞源于rfpiped服务使用硬编码静态AES加密密钥,可能导致未经身份验证执行任意命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-57174
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | CVE-2025-57174 Unauthenticated Remote Command Execution | https://github.com/semaja22/CVE-2025-57174 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-57174
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-09-15 · 22 CVEs total
| CVE-2025-10471 | 6.3 MEDIUM | ZKEACMS MediaController.cs Proxy server-side request forgery |
| CVE-2025-10475 | 5.5 MEDIUM | SpyShelter IOCTL SpyShelter.sys denial of service |
| CVE-2025-10422 | 4.3 MEDIUM | newbee-mall Order Status paySuccess improper authorization |
| CVE-2025-10423 | 3.7 LOW | newbee-mall kaptcha mallKaptcha Captcha |
| CVE-2025-10434 | 2.4 LOW | IbuyuCMS Add Article article.php cross site scripting |
| CVE-2025-52344 | Explorance Blue 安全漏洞 | |
| CVE-2025-57118 | PHPGurukul Online Library Management System 安全漏洞 | |
| CVE-2025-57117 | Rems Employee Management System 安全漏洞 | |
| CVE-2025-56274 | SourceCodester Web-based Pharmacy Product Management System 安全漏洞 | |
| CVE-2025-45091 | Seafile 安全漏洞 | |
| CVE-2025-56448 | Positron PX360BT 安全漏洞 | |
| CVE-2025-56710 | PHPGurukul Student Result Management System 安全漏洞 | |
| CVE-2025-57104 | Teampel 安全漏洞 | |
| CVE-2025-49089 | MoneyPrinterTurbo 安全漏洞 | |
| CVE-2025-52048 | Frappe Technologies Frappe 安全漏洞 | |
| CVE-2025-57248 | sumatrapdf 安全漏洞 | |
| CVE-2025-56252 | ServitiumCRM 安全漏洞 | |
| CVE-2025-52053 | TOTOLINK X6000R 安全漏洞 | |
| CVE-2025-46408 | AVTECH EagleEyes 安全漏洞 | |
| CVE-2025-50110 | AVTECH EagleEyes Lite 安全漏洞 |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2025-57174
No comments yet