EUVD-2018-8952
Malware in sbrugna...
Design/Logic Flaw
An issue was discovered on Neato Botvac Connected 2.2.0 devices. They execute unauthenticated manual drive commands sent to /bin/webserver on port 8081 if they already have an active session. Commands like forward, back, arc-left, arc-right, pivot-left, and pivot-right are executed even though th...
CVE-2018-17178
The CVE affects Neato Botvac Connected 2.2.0 devices. When an active session exists, unauthenticated manual drive commands sent to /bin/webserver:8081 (e.g., forward, back, arc-left, arc-right, pivot-left, pivot-right) can be executed despite the websocket returning {"message": "invalid authoriza...