Matthias Brun

2 exploits Active since Jul 2025
CVE-2025-34103 EXPLOITDB CRITICAL ruby WORKING POC
WePresent WiPG-1000 <2.2.3.0 - Command Injection
An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized before being passed to a system call, allowing an unauthenticated remote attacker to execute arbitrary commands as the web server user.
CVE-2025-34103 METASPLOIT CRITICAL ruby WORKING POC
WePresent WiPG-1000 <2.2.3.0 - Command Injection
An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized before being passed to a system call, allowing an unauthenticated remote attacker to execute arbitrary commands as the web server user.