Home

Description

A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) during WPA2 configuration. The 'key' parameter is interpreted directly by the system shell, enabling attackers to execute arbitrary commands as root. Exploitation requires no authentication and can be triggered during wireless setup.

PUBLISHED Reserved 2025-04-15 | Published 2025-08-07 | Updated 2025-12-01 | Assigner VulnCheck




CRITICAL: 9.4CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unaffected

*
affected

Credits

Valentin Lobstein (Chocapikk) finder

Dinesh Aswin S. (esistdini) finder

References

chocapikk.com/...5/when-a-wifi-name-gives-you-root-part-two/ technical-description exploit

www.aliexpress.us/item/3256806767641280.html product

www.vulncheck.com/...eater-os-command-injection-via-wpa2-key third-party-advisory

cve.org (CVE-2025-34149)

nvd.nist.gov (CVE-2025-34149)

Download JSON