CVE-2023-3104 Missing Authentication for Critical Function in Unitree Robotics A1

Lack of authentication vulnerability. An unauthenticated local user is able to see through the cameras using the web server due to the lack of any form of authentication...

CVE-2023-3103 Authentication Bypass by Spoofing in Unitree Robotics A1

Authentication bypass vulnerability, the exploitation of which could allow a local attacker to perform a Man-in-the-Middle MITM attack on the robot's camera video stream. In addition, if a MITM attack is carried out, it is possible to consume the robot's resources, which could lead to a...