Smartbedded Meteobridge command injection (CVE-2025-4008)
Vulnerability
Summary
CVE-2025-4008 in Smartbedded Meteobridge has been added to CISA's KEV catalog after evidence of active exploitation, putting exposed devices at risk of unauthenticated root command execution. The flaw is a command injection issue in the Meteobridge web interface that can be reached through the public template.cgi script. A fix shipped in Meteobridge 6.2 on May 13, 2025, so affected operators need to upgrade promptly.
Related Happenings
CISA KEV listing for Wing FTP CVE-2025-47813
Public Sector Action
First: 17.03.2026 07:23
Last: 17.03.2026 07:23
Sources 1
About this happening:
CISA added **CVE-2025-47813** in **Wing FTP Server** to the **KEV catalog** after evidence of **active exploitation**, putting the flaw under formal government tracking. The listi...
CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551
Public Sector Action
First: 04.02.2026 07:50
Last: 04.02.2026 07:50
Sources 1
About this happening:
**CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...
FortiWeb CVE-2025-58034 mitigation advisory
Advisory/Mitigation
First: 19.11.2025 06:20
Last: 19.11.2025 06:20
Sources 1
About this happening:
**FortiWeb** operators were told to **upgrade affected releases** after **Fortinet** tied the advisory to **CVE-2025-58034** and said the flaw had been **exploited in the wild**....
CISA KEV addition for Smartbedded Meteobridge CVE-2025-4008
Public Sector Action
First: 03.10.2025 11:23
Last: 03.10.2025 11:23
Sources 1
How related:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Smartbedded Meteobridge to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
About this happening:
CISA added **CVE-2025-4008** in **Smartbedded Meteobridge** to the **KEV catalog**, signaling **active exploitation** and requiring **FCEB agencies** to apply updates by **October...
CISA adds CVE-2025-5086 to KEV catalog
Public Sector Action
First: 12.09.2025 14:03
Last: 12.09.2025 14:03
Sources 1
About this happening:
**CISA** added **CVE-2025-5086** affecting **Dassault Systèmes DELMIA Apriso MOM** to its **Known Exploited Vulnerabilities (KEV) catalog**, formalizing the flaw as an actively ex...
Latest development: 12.09.2025 19:19
Dassault Systèmes disclosed a deserialization of untrusted data vulnerability in DELMIA Apriso that can lead to remote code execution, affecting Release 2020 through Release 2025.
Timeline
03.10.2025 11:23 · 1 article
Meteobridge 6.2 fixes CVE-2025-4008
Mitigation Patch Update: Meteobridge version 6.2 addressed CVE-2025-4008, a command injection flaw in the Meteobridge web interface exposed through /cgi-bin/template.cgi that can enable arbitrary command execution with elevated privileges on affected devices.
Sources:
- CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild — thehackernews.com — 03.10.2025 11:23
03.10.2025 11:23 · 2 articles
CISA adds CVE-2025-4008 to KEV after active exploitation
Initial Disclosure: CISA added Smartbedded Meteobridge CVE-2025-4008 to the Known Exploited Vulnerabilities catalog after evidence of active exploitation, citing a command injection flaw in the web interface that can give remote unauthenticated attackers arbitrary command execution with root privileges on affected devices. No public report in the body describes how CVE-2025-4008 is being exploited in the wild.
Sources:
- CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild — thehackernews.com — 03.10.2025 11:23
- CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild — thehackernews.com — 03.10.2025 11:23
03.10.2025 11:23 · 1 article
FCEB remediation deadline for CVE-2025-4008
Legal Policy Action Update: Federal Civilian Executive Branch agencies were required to apply the necessary updates for CVE-2025-4008 by October 23, 2025, as part of CISA's response to active exploitation of Smartbedded Meteobridge devices.
Sources:
- CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild — thehackernews.com — 03.10.2025 11:23