Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-34152 PoC — Itemir M300 Wi-Fi Repeater 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-34152.yaml
Associated Vulnerability
Title:Itemir M300 Wi-Fi Repeater 安全漏洞 (CVE-2025-34152)
Description:Itemir M300 Wi-Fi Repeater是中国艾特米(Itemir)公司的一个无线中继器。 Itemir M300 Wi-Fi Repeater存在安全漏洞,该漏洞源于time参数未清理,可能导致未经验证的远程命令注入攻击。
Description
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.
File Snapshot

 id: CVE-2025-34152

info:
  name: Shenzhen Aitemi M300 Wi-Fi Repeater – Unauthenticated Remote Comma

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.