Command Injection Vulnerability in Meteobridge Web Interface
CVE-2025-4008

8.7 HIGH

Key Information:

Vendor
CVE Published: 21 May 2025

Badges

👾 Exploit Exists | 🟣 EPSS 44% | 🦅 CISA Reported | 📰 News Worthy

What is CVE-2025-4008?

The Meteobridge web interface, responsible for managing weather station data and system administration, is susceptible to a command injection vulnerability. This flaw exists within the CGI shell scripts and C code that underlie the web application. Through a specific endpoint, remote attackers can execute arbitrary commands with high-level privileges, compromising the affected device's integrity. Unauthenticated users leveraging this vulnerability can gain root access, leading to potential system takeover and data manipulation.

CISA has reported CVE-2025-4008

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-4008 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.

CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

MeteoBridge 0 <= 6.1

News Articles

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

CISA adds actively exploited Meteobridge CVE-2025-4008 and four other critical flaws to KEV catalog.

EPSS Score

44% chance of being exploited in the next 30 days.

CVSS V4

Score: 8.7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • 📰 First article discovered by The Hacker News
  • 👾 Exploit known to exist
  • 🦅 CISA Reported
  • Vulnerability published
  • Vulnerability Reserved

Credit

ONEKEY Research Labs