90 matches found
Cybersecurity AI: Humanoid Robots As Attack Vectors
We present a systematic security assessment of the Unitree G1 humanoid showing it operates simultaneously as a covert surveillance node and can be purposed as an active cyber operations platform. Partial reverse engineering of Unitree's proprietary FMX encryption reveal a static Blowfish-ECB laye...
CVE-2025-45467
Unitree Go1 = Go120220511 is vulnerable to Insecure Permissions as the firmware update functionality via Wi-Fi/Ethernet implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation...
CVE-2025-45466
Unitree Go1 = Go120220511 is vulnerale to Incorrect Access Control due to authentication credentials being hardcoded in plaintext...
CVE-2025-45466
Unitree Go1 = Go120220511 is vulnerale to Incorrect Access Control due to authentication credentials being hardcoded in plaintext...
CVE-2025-45467
Unitree Go1 = Go120220511 is vulnerable to Insecure Permissions as the firmware update functionality via Wi-Fi/Ethernet implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation...
CVE-2025-45466
Unitree Go1 = Go120220511 is vulnerale to Incorrect Access Control due to authentication credentials being hardcoded in plaintext...
Unitree Go1 安全漏洞
Unitree Go1 is a bionic quadrupedal robot from the Chinese company Yu Shu Unitree. A security vulnerability exists in Unitree Go1 Go120220511 and prior versions, which stems from an insufficient MD5 checksum mechanism that could lead to a firmware integrity corruption...
PT-2025-30849 · Unitree · Unitree Go 1
Name of the Vulnerable Software and Affected Versions: Unitree Go1 versions Go1 2022 05 11 and earlier Description: The firmware update functionality via Wi-Fi/Ethernet implements an insecure verification mechanism that relies solely on MD5 checksums for firmware integrity validation...
CVE-2025-45467
CVE-2025-45467 affects Unitree Go1 firmware (Go1_2022_05_11 and earlier). The vulnerability is an insecure firmware verification mechanism in the update process (via Wi‑Fi/Ethernet) that relies solely on MD5 checksums, enabling potential tampering of the official firmware. Reported impacts includ...
CVE-2025-45467
Unitree Go1 = Go120220511 is vulnerable to Insecure Permissions as the firmware update functionality via Wi-Fi/Ethernet implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation...
CVE-2025-45466
Unitree Go1 = Go120220511 is vulnerale to Incorrect Access Control due to authentication credentials being hardcoded in plaintext...
PT-2025-30848 · Unitree · Unitree Go 1
Name of the Vulnerable Software and Affected Versions: Unitree Go1 versions through Go1 2022 05 11 Description: The Unitree Go1 is susceptible to an incorrect access control issue. This is due to authentication credentials being hardcoded in plaintext. Recommendations: Unitree Go1 versions throug...
CVE-2025-45466
CVE-2025-45466 affects Unitree Go1 (and Go1_2022_05_11 and older) due to hardcoded plaintext credentials causing an Improper Access Control vulnerability. The issue enables network-based access with no user interaction, requiring low privileges and low attack complexity; the impact is high confid...
Unitree Go1 安全漏洞
Unitree Go1 is a bionic quadrupedal robot from the Chinese company Yu Shu Unitree. A security vulnerability exists in Unitree Go1 Go120220511 and prior versions, which stems from hard-coded credentials and could lead to improper access control...
Exploit for CVE-2025-45467
CVE-2025-45467: Insecure Firmware Verification in Unitree Go1...
Exploit for CVE-2025-45466
CVE-2025-45466 It is the details of CVE-2025-45466 CVE Disc...
CVE-2025-2894 Unitree Go1 Robot Dog Backdoor Control Channel
The Go1 also known as "The World's First Intelligence Bionic Quadruped Robot Companion of Consumer Level," contains an undocumented backdoor that can enable the manufacturer, and anyone in possession of the correct API key, complete remote control over the affected robotic device using the...
Unitree Go 1 安全漏洞
Unitree Go 1 is a robotic dog from the Chinese company Unitree. Unitree Go 1 suffers from a security vulnerability that stems from an undocumented backdoor that could lead to full remote control of the device by the manufacturer or a person in possession of an API key...
CVE-2023-3104 Missing Authentication for Critical Function in Unitree Robotics A1
Lack of authentication vulnerability. An unauthenticated local user is able to see through the cameras using the web server due to the lack of any form of authentication...
CVE-2023-3103 Authentication Bypass by Spoofing in Unitree Robotics A1
Authentication bypass vulnerability, the exploitation of which could allow a local attacker to perform a Man-in-the-Middle MITM attack on the robot's camera video stream. In addition, if a MITM attack is carried out, it is possible to consume the robot's resources, which could lead to a...