Lucene search
K

6 matches found

Nuclei
Nuclei
added 2026/07/07 4:50 p.m.112 views

MeteoBridge <= 6.1 - Remote Code Execution

The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.This web interface exposes an endpoint that is vulnerable to command injection.Remote...

8.8CVSS7.6AI score0.94991EPSS
Exploits3References3
Saint
Saint
added 2025/10/03 12:0 a.m.83 views

MeteoBridge template.cgi command injection

Added: 10/03/2025 CVE: CVE-2025-4008 Background MeteoBridge is a device which connects personal weather stations to public weather networks. Problem A command injection vulnerability in the MeteoBridge web interface could allow remote, unauthenticated attackers to execute arbitrary commands by...

8.8CVSS8.3AI score0.94991EPSS
Exploits3
Circl
Circl
added 2025/05/21 3:42 p.m.22 views

CVE-2025-4008

creationtimestamp| type| source ---|---|--- 2025-05-21 15:42:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17135 2025-05-21 15:57:50+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114546643422662237 2025-05-21 17:18:31+00:00| seen|...

8.8CVSS7.5AI score0.94991EPSS
Exploits3References32
Vulnrichment
Vulnrichment
added 2025/05/21 3:31 p.m.9 views

CVE-2025-4008 Arbitrary Command Injection in Smartbedded MeteoBridge

The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote...

8.7CVSS7.5AI score0.94991EPSS
Exploits3References2
CVE
CVE
added 2025/05/21 3:31 p.m.92 views

CVE-2025-4008

The CVE-2025-4008 vulnerability affects Smartbedded Meteobridge prior to 6.2. The web interface processes input in template.cgi (unsanitized query-string data passed to eval), enabling unauthenticated remote attackers to execute arbitrary commands with root privileges, risking full device comprom...

8.8CVSS7.1AI score0.94991EPSS
In wildExploits3References3Affected Software2
Cvelist
Cvelist
added 2025/05/21 3:31 p.m.111 views

CVE-2025-4008 Arbitrary Command Injection in Smartbedded MeteoBridge

The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote...

8.7CVSS0.94991EPSS
Exploits3References2
Rows per page
Query Builder