- Description
- The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.
- Source
- research@onekey.com
- NVD status
- Analyzed
- Products
- meteobridge_vm, meteobridge_firmware
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Smartbedded Meteobridge Command Injection Vulnerability
- Exploit added on
- Oct 2, 2025
- Exploit action due
- Oct 23, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- research@onekey.com
- CWE-77
- Hype score
- Not currently trending
CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild The U.S. Cybersecurity and Infrastructure Secu 𝗖𝘂𝗿𝗶𝗼𝘂𝘀? 𝗙𝗼𝗹𝗹𝗼𝘄 𝘂𝘀 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗳𝘂𝗹𝗹 𝘀𝘁𝗼𝗿𝘆! @thehackersnews @edgeitech
@Edgeitech
13 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild #CISO https://t.co/uRQs2ohikw https://t.co/P4Q9QHMdEa
@compuchris
9 Oct 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns that Meteobridge CVE-2025-4008 is being actively exploited, patch immediately to prevent unauthorized access, read more: https://t.co/IgorTKdfCe #CyberSecurity #CISA #Vulnerability https://t.co/ZCoBXrPwcw
@sctocs25
7 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA confirms active exploitation of CVE-2025-4008 A command injection flaw in Smartbedded Meteobridge lets attackers gain root access — no authentication needed. 🛡️ Read full details: https://t.co/BqGSOskT8G #CyberSecurity #CVE20254008 #CISA #IoTSecurity #Exploit #V
@vulert_official
7 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
URGENT: Meteobridge Controllers Under Attack — Actively Exploited Command Injection Flaw (CVE-2025-4008) Grants RCE Read the full report on - https://t.co/o3tIooDw3u https://t.co/WETdJgTWM5
@Iambivash007
6 Oct 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Zero-Day Threat: Hackers Are Exploiting This Critical Meteobridge Flaw (CVE-2025-4008) for Root Access Read the full report on - https://t.co/TRGQtaDmIK https://t.co/yKYyNUXQy0
@Iambivash007
4 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
URGENT PATCH: Meteobridge Flaw (CVE-2025-4008) Added to CISA's KEV Catalog—Actively Exploited! Read the full report on - https://t.co/jXdBPdvEBD https://t.co/kaITUAk3kW
@Iambivash007
4 Oct 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Meteobridgeの脆弱性に関する警告と対策(CVE-2025-4008) https://t.co/lvhlNfTeMp #Security #セキュリティー #ニュース
@SecureShield_
4 Oct 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAがMeteobridgeのCVE-2025-4008脆弱性を悪用中と警告 https://t.co/Oxt0lKzgS8 #Security #セキュリティー #ニュース
@SecureShield_
4 Oct 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Urgent CISA alert! Meteobridge CVE-2025-4008 is *actively exploited in the wild*. Users, check your systems NOW to prevent compromise. Stay safe! #CyberSecurity #CVE https://t.co/WF3gouqGHA
@xcybersecnews
3 Oct 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Meteobridge Security Flaw CVE-2025-4008 Under Active Attack, Patch Now #CISA #CVE20254008 #Meteobridge #CyberSecurity #Vulnerability #IoTSecurity #DataProtection #Infosec #PatchNow #KEV #ActiveExploitation https://t.co/cal6ejpWzT
@cyashadotcom
3 Oct 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Flags Meteobridge #CVE-2025-4008 #flaw as Actively Exploited in the Wild https://t.co/yRrq8q7vmD
@AdliceSoftware
3 Oct 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The vulnerability, CVE-2025-4008 (CVSS score: 8.7), is a case of command injection in the Meteobridge web interface that could result in code execution. #cybersecurity https://t.co/U1FvanJaWL
@cybertzar
3 Oct 2025
35 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#CISA Flags #Meteobridge #CVE-2025-4008 Flaw as Actively Exploited in the Wild https://t.co/6JbX4ea5jY
@ScyScan
3 Oct 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA flags a high-severity command injection flaw, CVE-2025-4008, in Smartbedded Meteobridge as actively exploited. Update your systems now! 🚨 https://t.co/OkqMQz9Ct6 #Cybersecurity #Meteobridge #CISA #Vulnerability #CVE20254008
@0xT3chn0m4nc3r
3 Oct 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-4008 - high 🚨 MeteoBridge <= 6.1 - Remote Code Execution > The Meteobridge web interface let meteobridge administrator manage their weather stat... 👾 https://t.co/6O0gds0OtE @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
5 Jun 2025
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-4008
@transilienceai
1 Jun 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A critical command injection flaw in MeteoBridge firmware (CVE-2025-4008) allows remote code execution via insecure CGI scripts. The issue was fixed with firmware v6.2 after responsible disclosure. ⚠️ #IoT #Security #USA https://t.co/gt0q1IR58f
@TweetThreatNews
27 May 2025
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
2025-05-26 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008) | ONEKEY Research | Research | ONEKEY https://t.co/rPswoF51aC https://t.co/bAC3CdiotM
@motikan2010
27 May 2025
144 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Unauthenticated RCE on Smartbedded MeteoBridge (CVE-2025-4008) https://t.co/XiUjqlzCy0 https://t.co/73aliUWWqm
@secharvesterx
26 May 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-4008: CRITICAL] Warning: Meteobridge web interface is vulnerable to command injection, allowing attackers to gain root access remotely. Secure your system now! #cybersecurity#cve,CVE-2025-4008,#cybersecurity https://t.co/oBf3JHqw9F https://t.co/GfnOTQ48Pf
@CveFindCom
21 May 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:smartbedded:meteobridge_vm:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73677879-2B1B-4EB0-A41D-36FF0D1BF2FA",
"versionEndExcluding": "6.2"
},
{
"criteria": "cpe:2.3:o:smartbedded:meteobridge_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26855342-5634-4F00-BE74-33674022488A",
"versionEndExcluding": "6.2"
}
],
"operator": "OR"
}
]
}
]