Product
An unauthenticated OS command injection vulnerability, CVE-2026-58457, exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02), allowing network-adjacent attackers to execute arbitrary shell commands and gain full root-level control by injecting unsanitized input into the `smacfilter_conf` handler's GET parameters within the `commuos` web backend.