Search criteria
3 vulnerabilities found for meteobridge_firmware by smartbedded
FKIE_CVE-2025-4008
Vulnerability from fkie_nvd - Published: 2025-05-21 16:15 - Updated: 2025-10-27 17:02
Severity ?
Summary
The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.
This web interface exposes an endpoint that is vulnerable to command injection.
Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| smartbedded | meteobridge_vm | * | |
| smartbedded | meteobridge_firmware | * |
{
"cisaActionDue": "2025-10-23",
"cisaExploitAdd": "2025-10-02",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Smartbedded Meteobridge Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:smartbedded:meteobridge_vm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73677879-2B1B-4EB0-A41D-36FF0D1BF2FA",
"versionEndExcluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:smartbedded:meteobridge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26855342-5634-4F00-BE74-33674022488A",
"versionEndExcluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.\n\nThis web interface exposes an endpoint that is vulnerable to command injection.\n\nRemote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices."
},
{
"lang": "es",
"value": "La interfaz web de Meteobridge permite al administrador gestionar la recopilaci\u00f3n de datos de su estaci\u00f3n meteorol\u00f3gica y administrar su sistema mediante una aplicaci\u00f3n web escrita en scripts de shell CGI y C. Esta interfaz web expone un endpoint vulnerable a la inyecci\u00f3n de comandos. Atacantes remotos no autenticados pueden ejecutar comandos arbitrarios con privilegios elevados (root) en los dispositivos afectados."
}
],
"id": "CVE-2025-4008",
"lastModified": "2025-10-27T17:02:18.900",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "research@onekey.com",
"type": "Secondary"
}
]
},
"published": "2025-05-21T16:15:33.987",
"references": [
{
"source": "research@onekey.com",
"tags": [
"Vendor Advisory"
],
"url": "https://forum.meteohub.de/viewtopic.php?t=18687"
},
{
"source": "research@onekey.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4008"
}
],
"sourceIdentifier": "research@onekey.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
},
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "research@onekey.com",
"type": "Secondary"
}
]
}
CVE-2025-4008 (GCVE-0-2025-4008)
Vulnerability from cvelistv5 – Published: 2025-05-21 15:31 – Updated: 2025-10-21 22:55
VLAI?
Title
Arbitrary Command Injection in Smartbedded MeteoBridge
Summary
The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.
This web interface exposes an endpoint that is vulnerable to command injection.
Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Smartbedded | MeteoBridge |
Affected:
0 , ≤ 6.1
(semver)
|
Credits
ONEKEY Research Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4008",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T03:55:47.221471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-10-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4008"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:14.636Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4008"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-02T00:00:00+00:00",
"value": "CVE-2025-4008 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MeteoBridge",
"vendor": "Smartbedded",
"versions": [
{
"lessThanOrEqual": "6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ONEKEY Research Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.\u003cbr\u003e\u003cbr\u003eThis web interface exposes an endpoint that is vulnerable to command injection.\u003cbr\u003e\u003cbr\u003eRemote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.\u003cbr\u003e"
}
],
"value": "The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.\n\nThis web interface exposes an endpoint that is vulnerable to command injection.\n\nRemote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-23T08:04:48.828Z",
"orgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"shortName": "ONEKEY"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://forum.meteohub.de/viewtopic.php?t=18687"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-02-25T08:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-03-18T08:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-04-10T07:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-04-15T07:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-04-10T07:00:00.000Z",
"value": "ONEKEY posts a message on MeteoBridge support forum"
},
{
"lang": "en",
"time": "2025-04-11T07:00:00.000Z",
"value": "MeteoBridge support forum administrator delets the forum post and account."
},
{
"lang": "en",
"time": "2025-04-27T08:30:00.000Z",
"value": "ONEKEY notifies the German BSI"
},
{
"lang": "en",
"time": "2025-05-14T07:00:00.000Z",
"value": "Smartbedded notifies the German BSI of a patch being available (version 6.2)"
},
{
"lang": "en",
"time": "2025-05-21T15:30:00.000Z",
"value": "CVE publication"
}
],
"title": "Arbitrary Command Injection in Smartbedded MeteoBridge",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"assignerShortName": "ONEKEY",
"cveId": "CVE-2025-4008",
"datePublished": "2025-05-21T15:31:23.118Z",
"dateReserved": "2025-04-27T08:21:52.184Z",
"dateUpdated": "2025-10-21T22:55:14.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4008 (GCVE-0-2025-4008)
Vulnerability from nvd – Published: 2025-05-21 15:31 – Updated: 2025-10-21 22:55
VLAI?
Title
Arbitrary Command Injection in Smartbedded MeteoBridge
Summary
The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.
This web interface exposes an endpoint that is vulnerable to command injection.
Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Smartbedded | MeteoBridge |
Affected:
0 , ≤ 6.1
(semver)
|
Credits
ONEKEY Research Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4008",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T03:55:47.221471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-10-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4008"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:14.636Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4008"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-02T00:00:00+00:00",
"value": "CVE-2025-4008 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MeteoBridge",
"vendor": "Smartbedded",
"versions": [
{
"lessThanOrEqual": "6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ONEKEY Research Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.\u003cbr\u003e\u003cbr\u003eThis web interface exposes an endpoint that is vulnerable to command injection.\u003cbr\u003e\u003cbr\u003eRemote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.\u003cbr\u003e"
}
],
"value": "The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.\n\nThis web interface exposes an endpoint that is vulnerable to command injection.\n\nRemote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-23T08:04:48.828Z",
"orgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"shortName": "ONEKEY"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://forum.meteohub.de/viewtopic.php?t=18687"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-02-25T08:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-03-18T08:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-04-10T07:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-04-15T07:00:00.000Z",
"value": "Notification email sent to info@smartbedded.com"
},
{
"lang": "en",
"time": "2025-04-10T07:00:00.000Z",
"value": "ONEKEY posts a message on MeteoBridge support forum"
},
{
"lang": "en",
"time": "2025-04-11T07:00:00.000Z",
"value": "MeteoBridge support forum administrator delets the forum post and account."
},
{
"lang": "en",
"time": "2025-04-27T08:30:00.000Z",
"value": "ONEKEY notifies the German BSI"
},
{
"lang": "en",
"time": "2025-05-14T07:00:00.000Z",
"value": "Smartbedded notifies the German BSI of a patch being available (version 6.2)"
},
{
"lang": "en",
"time": "2025-05-21T15:30:00.000Z",
"value": "CVE publication"
}
],
"title": "Arbitrary Command Injection in Smartbedded MeteoBridge",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"assignerShortName": "ONEKEY",
"cveId": "CVE-2025-4008",
"datePublished": "2025-05-21T15:31:23.118Z",
"dateReserved": "2025-04-27T08:21:52.184Z",
"dateUpdated": "2025-10-21T22:55:14.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}