Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
&color=brightgreen)
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.
- https://chocapikk.com/posts/2025/when-a-wifi-name-gives-you-root-part-two/
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/Chocapikk/CVE-2025-34152
- https://github.com/Chocapikk/Chocapikk
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/kh4sh3i/CVE-2025-34152
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/yembors64632/cve_monitor_Public