43 matches found
Universal Robots Polyscope 5
ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for...
CVE-2026-8153
OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS...
EUVD-2026-28548
OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.21.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS...
CVE-2026-8153 Command injection in Dashboard Server interface
OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS...
CVE-2026-8153
OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS...
CVE-2026-8153
CVE-2026-8153 describes an OS command injection in the Dashboard Server interface of Universal Robots’ PolyScope (versions prior to 5.21.1). The vulnerability allows an unauthenticated attacker over the network to craft commands that execute code on the robot’s OS, with critical impact (CVSS v3.1...
PT-2026-38911
Name of the Vulnerable Software and Affected Versions Universal Robots PolyScope versions prior to 5.25.1 Description OS command injection in the Dashboard Server interface allows an unauthenticated attacker with network access to the Dashboard Server port to craft commands that execute arbitrary...
EUVD-2020-2722
Malware in sbrugna...
EUVD-2020-2721
Malware in sbrugna...
EUVD-2018-2707
Malware in sbrugna...
EUVD-2020-2745
Malware in sbrugna...
EUVD-2018-2705
Malware in sbrugna...
Authentication flaw
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication...
CVE-2020-10290
Universal Robots controller execute URCaps zip files containing Java-powered applications without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor...
CVE-2020-10290 RVD#1495: Universal Robots URCaps execute with unbounded privileges
Universal Robots controller execute URCaps zip files containing Java-powered applications without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor...
CVE-2020-10290
The CVE-2020-10290 issue affects Universal Robots URCaps: zip-based URCaps deployable by the UR controller allow execution with unbounded privileges via a Java-powered URCap. The root cause is execution of URCaps without permission restrictions, using a broad API that can compromise robot operati...
CVE-2020-10267
Universal Robots control box CB 3.1 across firmware versions tested on 1.12.1, 1.12, 1.11 and 1.10 does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components URCaps. These files .urcaps are stored under...
CVE-2020-10267
Universal Robots control box CB 3.1 across firmware versions tested on 1.12.1, 1.12, 1.11 and 1.10 does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components URCaps. These files .urcaps are stored under...
CVE-2020-10265
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safe...
CVE-2020-10265
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safe...