What is CVE-2025-34103?

CVE-2025-34103 is a vulnerability in Wepresent (Barco) Wipg-1000, classified under OS Command Injection. Published 2025-07-15.

Is CVE-2025-34103 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Wepresent (Barco) Wipg-1000

CVE-2025-34103

An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized befor…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.726 (98.8th percentile) — read the EPSS interpretation.

Affected products

Wepresent (Barco) Wipg-1000 — versions 0

Weakness classification (CWE)

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.redguard.ch/advisories/wepresent-wipg1000.txt (third-party-advisory)
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/l… (exploit)
www.exploit-db.com/exploits/41935 (exploit)
www.vulncheck.com/advisories/we-present-wi-pg-1000-unauthenticated-command-inje… (third-party-advisory)

Frequently asked questions

What is CVE-2025-34103?: CVE-2025-34103 is a vulnerability in Wepresent (Barco) Wipg-1000, classified under OS Command Injection. Published 2025-07-15.
Is CVE-2025-34103 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.