CVE-2025-41110

Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This vulnerability allows an attacker to connect to the robot's WiFi and view all its data, as it runs on ROS 2 without default authentication. In addition, the attacker can connect via SSH and gain full...

CVE-2025-41110

CVE-2025-41110 affects Ghost Robotics Vision 60, specifically APK v0.27.2. The issue arises from an authorization flaw in the ROS 2 stack, permitting connections to the robot’s WiFi and SSH without authentication. Consequences stated across sources include data exposure and full control of the ro...

EUVD-2025-35344

The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an attacker to send commands to the robot from an external attack station, impersonating the control station tablet and gaining unauthorised full control of the robot. The absence of encryption and authenticati...

Ghost Robotics Vision 60 授权问题漏洞

Ghost Robotics Vision 60 is a quadrupedal ground robot from Ghost Robotics, USA. An authorization issue vulnerability exists in Ghost Robotics Vision 60 version v0.27.2, which stems from a lack of encryption and authentication mechanisms in the communication protocol that could lead to unauthoriz...

Ghost Robotics Vision 60 信任管理问题漏洞

Ghost Robotics Vision 60 is a quadrupedal ground robot from Ghost Robotics, USA. A trust management issue vulnerability exists in Ghost Robotics Vision 60 version v0.27.2, which stems from the lack of an authentication mechanism for the physical interface, which could allow an attacker to access...

PT-2025-43061

Name of the Vulnerable Software and Affected Versions Ghost Robotics Vision 60 version 0.27.2 Description The Ghost Robotics Vision 60 APK version 0.27.2 contains exposed encrypted WiFi and SSH credentials. An attacker can connect to the robot’s WiFi network and access all its data, as the system...