## https://sploitus.com/exploit?id=SAINT:1D2293C6FC5216D68325B004DD0BA9BA
Added: 10/03/2025
CVE: CVE-2025-4008
### Background
MeteoBridge is a device which connects personal weather stations to public weather networks.
### Problem
A command injection vulnerability in the MeteoBridge web interface could allow remote, unauthenticated attackers to execute arbitrary commands by sending a specially crafted request to `**public/template.cgi**`.
### Resolution
Upgrade to Meteobridge 6.2 or higher. Instructions for upgrading are in the meteohub.de post.
### References
https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008
### Platforms
MeteoBridge