CVE-2025-34150

Vulnerability Description

The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) is vulnerable to command injection via the 'user' parameter. Input is processed unsafely during network setup, allowing attackers to execute arbitrary system commands with root privileges.

Related Weaknesses (CWE)

CWE-78

References

https://chocapikk.com/posts/2025/when-a-wifi-name-gives-you-root-part-two/
https://www.aliexpress.us/item/3256806767641280.html
https://www.vulncheck.com/advisories/shenzhen-aitemi-m300-wifi-repeater-pppoe-us

FAQ

What is CVE-2025-34150?

CVE-2025-34150 is a documented vulnerability. The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) is vulnerable to command injection via the 'user' parameter. Input is processed unsafely during netwo...

How severe is CVE-2025-34150?

CVSS scoring is not yet available for CVE-2025-34150. Check NVD for updates.

Is there a patch for CVE-2025-34150?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.