Vulnerabilities (CVE)

Filtered by vendor Unitree Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-3104 1 Unitree 2 A1, A1 Firmware 2024-11-21 N/A 5.7 MEDIUM
Lack of authentication vulnerability. An unauthenticated local user is able to see through the cameras using the web server due to the lack of any form of authentication.
CVE-2023-3103 1 Unitree 2 A1, A1 Firmware 2024-11-21 N/A 8.0 HIGH
Authentication bypass vulnerability, the exploitation of which could allow a local attacker to perform a Man-in-the-Middle (MITM) attack on the robot's camera video stream. In addition, if a MITM attack is carried out, it is possible to consume the robot's resources, which could lead to a denial-of-service (DOS) condition.
CVE-2022-2675 1 Unitree 2 Go 1, Go 1 Firmware 2024-11-21 N/A 6.5 MEDIUM
Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0.1.9 (using firmware version 0.1.35) can be powered down by an attacker within normal RF range without authentication. Other versions may be affected, such as the A1.