CVE-2025-4008

HIGH KEV NUCLEI

Smartbedded Meteobridge VM < 6.2 - Command Injection

Description

The Meteobridge web interface lets Meteobridge administrators manage their weather station data collection and administer their Meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges (root) on affected devices.

Nuclei Templates (1)

MeteoBridge <= 6.1 - Remote Code Execution
HIGH VERIFIED by iamnoooob, pdresearch
Shodan: meteobridge
FOFA: Meteobridge

Scores

CVSS v3 8.8
EPSS 0.4392
EPSS Percentile 97.5%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-10-02
VulnCheck KEV 2025-10-02
ENISA EUVD EUVD-2025-16032
CWE CWE-306, CWE-77
Status published
Products (2)
smartbedded/meteobridge_firmware < 6.2
smartbedded/meteobridge_vm < 6.2
Published May 21, 2025
KEV Added Oct 02, 2025
Tracked Since Feb 18, 2026