Semaja2

**Name of the Vulnerable Software and Affected Versions** Siklu MultiHaul TG series versions prior to 2.0.0 **Description** Siklu MultiHaul TG series devices are affected by an issue that allows remote attackers to retrieve randomly generated credentials via a network request without authentication. An attacker can send a specific hex-encoded command to port `12777` to obtain the `username` and `password`, which enables direct SSH access to the device. **Recommendations** Update Siklu MultiHaul TG series devices to version 2.0.0 or later.

**Name of the Vulnerable Software and Affected Versions** Siklu Communications Etherhaul 8010TX and 1200FX devices versions 7.4.0 through 10.7.3 **Description** An issue exists in the `rfpiped` service, listening on TCP port 555, which utilizes static AES encryption keys hardcoded within the binary. These keys are consistent across all devices, enabling attackers to construct encrypted packets to execute arbitrary commands without authentication. This is a failed patch for a previously known issue. Other Etherhaul series devices with shared firmware may also be affected. **Recommendations** Versions prior to 7.4.0 are recommended. Versions 7.4.0 through 10.7.3 are recommended to be updated.