CVE-2025-57175

EUVD ID: EUVD-2025-209317
Severity: MEDIUM (CVSS 3.1 base score 6.4)
Published: 2026-04-08 (source: mitre)
Related advisory: GHSA-7xx5-v8m5-xh6j

CVSS Vector

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Physical
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

- CVE Published: Apr 08, 2026 - 00:00 (nvd)
- EUVD ID Assigned: Apr 08, 2026 - 17:16 (euvd), EUVD-2025-209317
- Analysis Generated: Apr 08, 2026 - 17:16 (vuln.today)

Description

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-10_6_2-18707-ea552dc00b devices have a static root password.

Analysis

Siklu EtherHaul 8010 wireless backhaul devices contain a static root password that lets an attacker with physical or local console access gain complete administrative control without authentication. The vulnerability affects firmware version 10.6.2-18707 and potentially other versions of the EtherHaul 8010 product line, allowing credential-based authentication bypass with high confidentiality and integrity impact. No public exploit code or active exploitation has been confirmed at this time; the CVSS 3.1 attack vector (AV:P) indicates that an attacker must have direct physical access to the device's console interfaces.

Technical Context

The vulnerability is rooted in CWE-259 (Use of Hard-Coded Password), a critical authentication defect where a static root password is embedded in device firmware rather than being cryptographically generated or user-configured. The EtherHaul 8010 is a point-to-point wireless backhaul system used in carrier and enterprise networks for microwave transmission; it typically operates in remote or distributed locations. The siklu-uimage-nxp-enc firmware variant indicates NXP-based hardware with encrypted firmware images. An attacker with physical access to the console port (serial, Ethernet management interface, or local terminal) can use the hard-coded credential to authenticate as root, bypassing all access controls and gaining unrestricted control over radio configuration, traffic interception, and network routing.

Affected Products

Siklu EtherHaul 8010 is affected across the product line, with confirmed impact on firmware version 10.6.2-18707 (CPE cpe:2.3:a:siklu:etherhaul_8010:*:*:*:*:*:*:*:*). The vulnerability likely affects other 10.x and earlier firmware versions, though only 10.6.2-18707 is explicitly named in this advisory. Organizations should check Siklu documentation and firmware release notes to determine the full scope of affected versions.

Remediation

A vendor-released patch and the exact remediation version have not been independently confirmed from the available data. Organizations should immediately contact Siklu support to obtain a firmware update that either removes the static root password or enforces a mandatory, user-configured credential on first boot. Until a patched firmware version is available and deployed, mitigation relies on physical security: restrict console access (serial ports, management Ethernet interfaces) to authorized personnel only, disable remote management protocols that are not required, and monitor access logs for authentication anomalies. Interim workarounds may include network-level isolation of EtherHaul management interfaces and out-of-band monitoring to detect unauthorized changes to radio parameters.

Priority Score

32 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +32
POC: 0

CVE-2025-57175 vulnerability details – vuln.today