Share
## https://sploitus.com/exploit?id=SAINT:1D2293C6FC5216D68325B004DD0BA9BA
Added: 10/03/2025  
CVE: CVE-2025-4008  


### Background

MeteoBridge is a device which connects personal weather stations to public weather networks. 

### Problem

A command injection vulnerability in the MeteoBridge web interface could allow remote, unauthenticated attackers to execute arbitrary commands by sending a specially crafted request to `**public/template.cgi**`. 

### Resolution

Upgrade to Meteobridge 6.2 or higher. Instructions for upgrading are in the meteohub.de post. 

### References

https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008   


### Platforms

MeteoBridge