CVE-2025-34152 PoC — Itemir M300 Wi-Fi Repeater 安全漏洞

Source

https://github.com/kh4sh3i/CVE-2025-34152

Associated Vulnerability

Title:Itemir M300 Wi-Fi Repeater 安全漏洞 (CVE-2025-34152)
Description:Itemir M300 Wi-Fi Repeater是中国艾特米（Itemir）公司的一个无线中继器。 Itemir M300 Wi-Fi Repeater存在安全漏洞，该漏洞源于time参数未清理，可能导致未经验证的远程命令注入攻击。

Description

Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE (CVE-2025-34152)

Readme

# ⚠️ CVE-2025-34152 – Shenzhen Aitemi M300 Wi-Fi Repeater RCE

## 🚨 Overview

Shenzhen Aitemi M300 Wi-Fi Repeater is affected by an **unauthenticated remote code execution (RCE)**.

* No login required
* Does **not** reboot the device
* Can be exploited remotely

---

## 🛠 Vulnerable Versions

| Version | Status                  |
| ------- | ----------------------- |
| 1.0.x   | ❌ Vulnerable            |
| 1.1.x   | ❌ Vulnerable            |
| 1.2.x   | ❌ Vulnerable            |
| 2.0.x   | ⚠️ Check Vendor Updates |

---

## 💡 Remediation

* Update to the latest firmware from vendor
* Restrict management interface access (LAN only)
* Enable firewall rules to block WAN access
* Monitor logs for suspicious requests

---


---

## 🧪 PoC (Lab Use Only)

> ⚠️ Do **not** use on public devices, only in a controlled lab environment.

```bash
go run CVE-2025-34152.go
```

---
## 🔗 References

* [CVE Details](https://www.cvedetails.com/cve/CVE-2025-34152)
* Vendor Advisory: Shenzhen Aitemi official site
* Exploit analysis: Security blogs

File Snapshot


 [4.0K]  /data/pocs/c40cfc14d0497838f69d4ef9cf5aaff3ccb8fc6b
├── [2.0K]  CVE-2025-34152.go
├── [6.9K]  LICENSE
└── [1.1K]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!