128 matches found
CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...
CVE-2025-35027
Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a command injection vulnerability. By setting a malicious string when configuring the on-board WiFi via a BLE module of an affected robot, then triggering a restart of the WiFi...
CVE-2025-35027
Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a command injection vulnerability. By setting a malicious string when configuring the on-board WiFi via a BLE module of an affected robot, then triggering a restart of the WiFi...
CVE-2025-35027
CVE-2025-35027 affects Unitree Go2, G1, H1, and B2 robotic devices sharing a common firmware (MIT Cheetah). It enables command injection by supplying a malicious string during BLE-configured WiFi setup and triggering a WiFi service restart, allowing commands to run as root via the wpa_supplicant_...
CVE-2025-35027 Unitree Multiple Robotic Products Command Injection
Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a command injection vulnerability. By setting a malicious string when configuring the on-board WiFi via a BLE module of an affected robot, then triggering a restart of the WiFi...
CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...
CVE-2025-60251
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring...
PT-2025-39471
Name of the Vulnerable Software and Affected Versions Unitree Go2, G1, H1, and B2 devices through September 20, 2025 Description The devices accept any handshake secret containing the substring 'unitree'. This allows unauthorized access and control of the devices. Recommendations Update devices t...
CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices have a vulnerability (CVE-2025-60250) where BLE packet data can be decrypted using the specific key df98b715d5c6ed2b25817b6f2554124a and IV 2841ae97419c2973296a0d4bdfe19a4f. Connected sources confirm this cryptographic exposure through 2025-09-20; CVSS shows Ad...
Unitree多款产品 安全漏洞
Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree H1 is a humanoid robot. A security vulnerability exists in several Unitree products, which stems from an ...
Unitree多款产品 安全漏洞
Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree H1 is a humanoid robot. A security vulnerability exists in several Unitree products that stems from the u...
CVE-2025-60017
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapdrestart.sh wifissid or wifipass parameter within restartwifiap and restartwifista...
CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...
PT-2025-39470
Name of the Vulnerable Software and Affected Versions Unitree Go2, G1, H1, and B2 devices through 2025-09-20 Description The devices decrypt Bluetooth Low Energy BLE packet data using a fixed key df98b715d5c6ed2b25817b6f2554124a and Initialization Vector IV 2841ae97419c2973296a0d4bdfe19a4f. This...
CVE-2025-60017
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapdrestart.sh wifissid or wifipass parameter within restartwifiap and restartwifista...
Unitree多款产品 安全漏洞
Unitree Go2 and others are products of Unitree, a Chinese company.Unitree Go2 is a robot dog.Unitree G1 is a humanoid robot.Unitree H1 is a humanoid robot. A security vulnerability exists in various Unitree products that stems from unverified input when configuring onboard WiFi via a BLE module,...
PT-2025-39469
Name of the Vulnerable Software and Affected Versions Unitree Go2, G1, H1, and B2 devices through 2025-09-20 Description The devices allow for root operating system command injection. This is possible through the hostapd restart.sh script, specifically via the wifi ssid or wifi pass parameters...
CVE-2025-60251
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring...
CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...
CVE-2025-60251
Unitree Go2, G1, H1, and B2 devices (through 2025-09-20) accept any handshake secret containing the unitree substring, enabling unauthorized access and control. CVSSv3.1 base score 5.0 (Medium) with adjacent attack vector, high attack complexity, and no privileges required. The issue affects the ...