Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all devices, allowing attackers to craft encrypted packets that execute arbitrary commands without authentication. This is a failed patch for CVE-2017-7318. This issue may affect other Etherhaul series devices with shared firmware.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ceragon EtherHaul series 安全漏洞
Vulnerability Description
Ceragon EtherHaul series是美国Ceragon公司的一款点对点无限链路设备。 Ceragon EtherHaul series 7.4.0版本至10.7.3版本及之前版本存在安全漏洞,该漏洞源于rfpiped服务使用硬编码静态AES加密密钥,可能导致未经身份验证执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A