CVE-2025-34148 is a critical OS command injection vulnerability affecting the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). The flaw arises when the device is configured in WISP (Wireless Internet Service Provider) mode. Specifically, the 'ssid' parameter, which is used to set the wireless network name, is passed directly and unsanitized to system-level scripts. This lack of input validation allows an unauthenticated attacker within Wi-Fi range to inject arbitrary shell commands. Because these commands execute with root privileges, the attacker gains full control over the device. The vulnerability is classified under CWE-78, indicating improper neutralization of special elements used in OS commands. The CVSS v4.0 score is 9.4 (critical), reflecting the high impact and ease of exploitation without authentication or user interaction. No patches are currently available, and no known exploits have been observed in the wild yet. The vulnerability affects all versions of the M300 Wi-Fi Repeater, making it a widespread risk for users of this device. The root cause is insecure handling of user input in device configuration scripts, a common but severe security oversight in embedded IoT devices. Exploitation could lead to device takeover, network pivoting, data interception, or use of the device as a foothold for further attacks within a local network.

For European organizations, this vulnerability poses a significant risk, especially for small and medium enterprises or home offices that rely on Shenzhen Aitemi M300 Wi-Fi Repeaters for network extension. Successful exploitation grants attackers root-level access to the device, enabling them to intercept or manipulate network traffic, deploy malware, or establish persistent backdoors. This can compromise confidentiality and integrity of sensitive data transmitted over the network. Additionally, attackers could disrupt availability by altering device configurations or causing denial of service. Given the device’s role as a network repeater, compromise could facilitate lateral movement into corporate networks, bypassing perimeter defenses. The unauthenticated nature of the exploit and lack of required user interaction increase the likelihood of attacks in environments with exposed Wi-Fi signals. The vulnerability also raises compliance concerns under GDPR if personal data is intercepted or manipulated. Organizations using these devices in critical infrastructure or sensitive environments face heightened operational and reputational risks.

Immediate mitigation steps include isolating the affected M300 Wi-Fi Repeaters on separate VLANs or network segments to limit potential lateral movement. Disable WISP mode if not required, as this is the attack vector. Network administrators should monitor wireless networks for suspicious SSID configurations or unexpected device behavior. Since no official patches are available, consider replacing the affected devices with models from vendors with a stronger security track record. If replacement is not feasible, implement strict Wi-Fi access controls, including strong encryption (WPA3 if supported) and MAC address filtering to restrict access to trusted clients only. Regularly audit device firmware versions and configurations. Employ network intrusion detection systems (NIDS) capable of detecting anomalous command injection patterns or unusual root-level activity on IoT devices. Engage with Shenzhen Aitemi for updates and patches, and subscribe to vulnerability advisories. Finally, educate users about the risks of connecting to untrusted Wi-Fi repeaters and the importance of device security hygiene.