Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

90 matches found

NVD
NVDadded 2025/09/26 1:15 a.m.10 views

CVE-2025-60251

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring...

5CVSS0.00182EPSS
Exploits0References3
NVD
NVDadded 2025/09/26 1:15 a.m.10 views

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...

4.7CVSS0.00177EPSS
Exploits0References3
NVD
NVDadded 2025/09/26 1:15 a.m.7 views

CVE-2025-60017

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapdrestart.sh wifissid or wifipass parameter within restartwifiap and restartwifista...

8.2CVSS0.01096EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/09/26 12:0 a.m.4 views

PT-2025-39471

Name of the Vulnerable Software and Affected Versions Unitree Go2, G1, H1, and B2 devices through September 20, 2025 Description The devices accept any handshake secret containing the substring 'unitree'. This allows unauthorized access and control of the devices. Recommendations Update devices t...

5CVSS6.6AI score0.00182EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2025/09/26 12:0 a.m.5 views

PT-2025-39519

Name of the Vulnerable Software and Affected Versions Unitree robotic products Go2, G1, H1, and B2 devices Description Multiple Unitree robotic products sharing a common firmware contain a command injection issue. An attacker can inject a malicious string during WiFi configuration via a BLE modul...

8.2CVSS7.6AI score0.02279EPSS
Exploits1References22
CNNVD
CNNVDadded 2025/09/26 12:0 a.m.4 views

Unitree多款产品 安全漏洞

Unitree Go2 and others are products of Unitree, a Chinese company.Unitree Go2 is a robot dog.Unitree G1 is a humanoid robot.Unitree H1 is a humanoid robot. A security vulnerability exists in various Unitree products that stems from unverified input when configuring onboard WiFi via a BLE module,...

7.3CVSS6.9AI score0.02279EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2025/09/26 12:0 a.m.5 views

CVE-2025-60017

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapdrestart.sh wifissid or wifipass parameter within restartwifiap and restartwifista...

8.2CVSS7.3AI score0.01096EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/09/26 12:0 a.m.5 views

Unitree多款产品 安全漏洞

Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree H1 is a humanoid robot. A security vulnerability exists in several Unitree products, which stems from an ...

8.2CVSS7.1AI score0.01096EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/09/26 12:0 a.m.5 views

PT-2025-39469

Name of the Vulnerable Software and Affected Versions Unitree Go2, G1, H1, and B2 devices through 2025-09-20 Description The devices allow for root operating system command injection. This is possible through the hostapd restart.sh script, specifically via the wifi ssid or wifi pass parameters...

8.2CVSS6.8AI score0.01096EPSS
Exploits0References11
CVE
CVEadded 2025/09/26 12:0 a.m.19 views

CVE-2025-60017

CVE-2025-60017 affects Unitree Go2, G1, H1 and B2 devices through 2025-09-20. The root cause is a command injection in the hostapd_restart.sh flow, triggered by crafted values for wifi_ssid or wifi_pass used by restart_wifi_ap and restart_wifi_sta. This leads to potential root-level command execu...

8.2CVSS7.3AI score0.01096EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/09/26 12:0 a.m.10 views

CVE-2025-60017

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapdrestart.sh wifissid or wifipass parameter within restartwifiap and restartwifista...

8.2CVSS0.01096EPSS
Exploits0References3
CVE
CVEadded 2025/09/26 12:0 a.m.23 views

CVE-2025-60251

Unitree Go2, G1, H1, and B2 devices (through 2025-09-20) accept any handshake secret containing the unitree substring, enabling unauthorized access and control. CVSSv3.1 base score 5.0 (Medium) with adjacent attack vector, high attack complexity, and no privileges required. The issue affects the ...

5CVSS6.6AI score0.00182EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/09/26 12:0 a.m.4 views

PT-2025-39470

Name of the Vulnerable Software and Affected Versions Unitree Go2, G1, H1, and B2 devices through 2025-09-20 Description The devices decrypt Bluetooth Low Energy BLE packet data using a fixed key df98b715d5c6ed2b25817b6f2554124a and Initialization Vector IV 2841ae97419c2973296a0d4bdfe19a4f. This...

4.7CVSS6.5AI score0.00177EPSS
Exploits0References9
CVE
CVEadded 2025/09/26 12:0 a.m.15 views

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices have a vulnerability (CVE-2025-60250) where BLE packet data can be decrypted using the specific key df98b715d5c6ed2b25817b6f2554124a and IV 2841ae97419c2973296a0d4bdfe19a4f. Connected sources confirm this cryptographic exposure through 2025-09-20; CVSS shows Ad...

4.7CVSS6.6AI score0.00177EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/09/26 12:0 a.m.2 views

Unitree多款产品 安全漏洞

Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, and Unitree H1 is a humanoid robot. A security vulnerability exists in various Unitree products that originates from the acceptance of an arbitrary handshake key containing a substring of unitree. The following products and versions are...

5CVSS6.8AI score0.00182EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/09/26 12:0 a.m.5 views

Unitree多款产品 安全漏洞

Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree H1 is a humanoid robot. A security vulnerability exists in several Unitree products that stems from the u...

4.7CVSS6.4AI score0.00177EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/09/26 12:0 a.m.1 views

CVE-2025-60251

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring...

5CVSS6.5AI score0.00182EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/09/26 12:0 a.m.4 views

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...

4.7CVSS6.6AI score0.00177EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/09/26 12:0 a.m.8 views

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...

4.7CVSS0.00177EPSS
Exploits0References3
GithubExploit
GithubExploitadded 2025/09/20 6:37 a.m.159 views

Exploit for CVE-2025-2894

Unitree Robot BLE Service Command Injection Analysis !Meme...

6.6CVSS7.8AI score0.00588EPSS
Exploits2
Rows per page
Query Builder