Share
## https://sploitus.com/exploit?id=SAINT:22C7371087FAD0E689377329880B0830
Added: 10/03/2025  
CVE: CVE-2025-4008  


### Background

MeteoBridge is a device which connects personal weather stations to public weather networks. 

### Problem

A command injection vulnerability in the MeteoBridge web interface could allow remote, unauthenticated attackers to execute arbitrary commands by sending a specially crafted request to `**public/template.cgi**`. 

### Resolution

Upgrade to Meteobridge 6.2 or higher. Instructions for upgrading are in the meteohub.de post. 

### References

https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008   


### Platforms

MeteoBridge