A command injection vulnerability in the MeteoBridge firmware allows unauthenticated remote code execution on the device. ONEKEY identified the issue through static analysis of the firmware and reported it to the vendor under coordinated disclosure, which resulted in a firmware patch. #MeteoBridge #CVE-2025-4008
Keypoints
- ONEKEY platform detected a critical command injection vulnerability in MeteoBridge firmware.
- The web interface's CGI handlers are shell scripts that pass request parameters through eval, so shell metacharacters in a request are parsed and executed as commands.
- The affected endpoint is reachable without authentication, and because the CGI scripts run with root privileges, a remote attacker obtains root on the device.
- A coordinated disclosure led to a firmware update in version 6.2 to patch the vulnerability.
- The incident highlights the importance of automated static analysis in firmware security.
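The pattern behind the bug, shown as an added example rather than MeteoBridge's own code: a hypothetical CGI-style query-string parser that lets eval perform the variable assignment, beside a hardened version that allow-lists parameter names and assigns without eval. The function names, the parameter names (greeting, name) and the constructed request are illustrative assumptions; the request value is shown already URL-decoded, as a real CGI handler would see it after decoding.

```bash
#!/usr/bin/env bash
# Added example, not MeteoBridge's code. Illustrates why "eval on request
# data" in a shell CGI script is a command injection, and one way to fix it.

# Vulnerable pattern: split QUERY_STRING into key=value pairs and let eval
# do the assignment. The value is attacker-controlled, so $(...), backticks
# and ; sequences inside it are re-parsed and executed with the CGI's
# privileges (root on many embedded devices). The key is injectable too:
# a key of "x;cmd" makes eval run "x" and then "cmd".
vulnerable_parse() {
    local rest="$1" pair key value
    while [ -n "$rest" ]; do
        pair="${rest%%&*}"
        if [ "$pair" = "$rest" ]; then rest=""; else rest="${rest#*&}"; fi
        key="${pair%%=*}"
        value="${pair#*=}"
        eval "$key=\"$value\""   # injection point: value is expanded twice
    done
}

# Hardened pattern: the handler knows which parameters it expects, so the
# names are allow-listed in a case statement and each one is assigned to a
# fixed variable. No eval, no dynamic variable names; the value is stored
# as opaque data and is never re-parsed by the shell. Anything that later
# uses $safe_greeting must keep it quoted ("$safe_greeting"), never splice
# it into an eval or sh -c string.
safe_parse() {
    local rest="$1" pair key value
    while [ -n "$rest" ]; do
        pair="${rest%%&*}"
        if [ "$pair" = "$rest" ]; then rest=""; else rest="${rest#*&}"; fi
        key="${pair%%=*}"
        value="${pair#*=}"
        case "$key" in
            greeting) safe_greeting="$value" ;;
            name)     safe_name="$value" ;;
            *)        echo "rejected unexpected parameter: $key" >&2 ;;
        esac
    done
}

# Demonstration on a constructed request (not a captured one). The payload
# only runs "echo", which stands in for an arbitrary attacker command.
vulnerable_parse 'greeting=$(echo INJECTED)&name=bob'
echo "vulnerable: greeting='$greeting' name='$name'"

safe_parse 'greeting=$(echo INJECTED)&name=bob&rm=x'
echo "hardened:   greeting='$safe_greeting' name='$safe_name'"
```

In the vulnerable version the command substitution executes and greeting ends up holding the output of the injected command; in the hardened version the same request leaves greeting holding the literal text `$(echo INJECTED)` and the unexpected `rm` parameter is dropped. The fix is structural: the handler must never build shell syntax out of request data, whether through eval, sh -c or backticks.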