A critical, unauthenticated OS command injection flaw in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) lets network-adjacent attackers run arbitrary shell commands as root.
What Is It
CVE-2026-58457 is an unauthenticated OS command injection vulnerability (CWE-78) in the Shenzhen Aitemi M300 Wi-Fi Repeater, hardware model MT02. The flaw lives in the smacfilter_conf handler within the device's commuos web backend. Attacker-supplied input to the name, enable, or mac GET parameters is passed, without sanitization, into sprintf() to build uci shell commands, which are then executed via doSystemCmdComlib(). By appending semicolon-delimited payloads to those parameters, an attacker injects and executes arbitrary commands.
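As an added illustration, not code from the device firmware or the vendor, this is the hardened shape such a handler should take: each parameter is checked against a strict allow-list, and uci is invoked with an argv array rather than through a shell, so a semicolon in a parameter is rejected instead of interpreted. The function names, the allow-list for name, and the uci argument layout are assumptions.

```c
/* Added example (not the device's firmware): allow-list validation for the
 * three smacfilter_conf parameters, and a uci invocation that never goes
 * through a shell. Names and the argv layout are assumptions. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* enable must be exactly "0" or "1" */
int valid_enable(const char *s) {
    return s && (s[0] == '0' || s[0] == '1') && s[1] == '\0';
}

/* mac must be six colon-separated hex octets, e.g. aa:bb:cc:dd:ee:ff */
int valid_mac(const char *s) {
    if (!s || strlen(s) != 17) return 0;
    for (int i = 0; i < 17; i++) {
        if (i % 3 == 2) { if (s[i] != ':') return 0; }
        else if (!isxdigit((unsigned char)s[i])) return 0;
    }
    return 1;
}

/* name: 1..32 chars from [A-Za-z0-9_-] (assumed policy); ';', '`', '$',
 * quotes and whitespace are all rejected before any command is built */
int valid_name(const char *s) {
    size_t n = s ? strlen(s) : 0;
    if (n == 0 || n > 32) return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && c != '_' && c != '-') return 0;
    }
    return 1;
}

/* "uci set <key>=<value>" via fork+execvp: the value is one argv element,
 * so no shell ever parses it. Returns uci's exit status, or -1 on error.
 * Callers must validate inputs first (see the functions above). */
int uci_set_noshell(const char *key, const char *value) {
    char kv[256];
    if (snprintf(kv, sizeof kv, "%s=%s", key, value) >= (int)sizeof kv)
        return -1;                       /* reject oversize instead of truncating */
    char *argv[] = { "uci", "set", kv, NULL };
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { execvp(argv[0], argv); _exit(127); }
    int st;
    if (waitpid(pid, &st, 0) < 0) return -1;
    return WIFEXITED(st) ? WEXITSTATUS(st) : -1;
}
```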
Why It Matters
The vulnerability requires no authentication and no user interaction, and it grants full root-level control of the device. It carries a CVSS 3.1 base score of 9.8 (Critical) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, and a CVSS 4.0 score of 9.3 (Critical). Because the attack vector is network-based with low complexity and no privileges required, a successful exploit fully compromises the confidentiality, integrity, and availability of the affected repeater. There is no CISA KEV entry in the supplied data, so active exploitation is not confirmed at this time.
What's Vulnerable
- Vendor: Shenzhen Aitemi E Commerce Co. Ltd.
- Product: M300 Wi-Fi Repeater
- Hardware model: MT02
- Affected versions: All versions (*) are marked affected.
Patch Status
The supplied source material does not list a fixed version, patch, or vendor remediation guidance, and there is no CISA KEV required-action entry. Until a fix is confirmed, exposure should be limited by restricting network access to the affected devices.