← back
CVE-2025-34152

Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via Time Parameter

CVSS 9.4 CRITICALEPSS 61.7%CWE-78
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Shenzhen Aitemi E Commerce Co. Ltd. · M300 Wi-Fi Repeater
public PoCs found3
githubgithub.com/Chocapikk/CVE-2025-341525githubgithub.com/kh4sh3i/CVE-2025-341522cve_referencechocapikk.com/posts/2025/when-a-wifi-name-gives-you-root-part-two/unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://chocapikk.com/posts/2025/when-a-wifi-name-gives-you-root-part-two/https://www.aliexpress.us/item/3256806767641280.htmlhttps://www.vulncheck.com/advisories/shenzhen-aitemi-m300-wifi-repeater-os-command-injection-via-time-parameter