The Meatmeet Pro is an ESP32-based development board used for IoT projects. This vulnerability allows attackers to exploit hardcoded Wi-Fi credentials in the firmware, potentially gaining unauthorized access to the device's network if they can retrieve this information and determine the physical location of the test network it was developed on.
You're affected if you use Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.
Contact the vendor directly for a patched firmware update.
Immediate mitigations:
- Restrict network access to your Meatmeet Pro instance (firewall it from the public internet)
- Audit admin account activity for suspicious access patterns
- Monitor for unauthorized token creation