Primary

Context

Unitree Go1 Incorrect Access Control Vulnerability Allowing Remote Code Execution

Vulnerability

A vulnerability exists in the Unitree Go1 robotic dog, specifically in all versions through Go1_2022_05_11. The issue stems from hardcoded plaintext authentication credentials, which create incorrect access control. This vulnerability allows remote or local attackers to gain unauthorized access to the robot via SSH or SCP. Exploitation of this flaw could lead to remote code execution, privilege escalation, and information disclosure.

Impact

Exploitation of this vulnerability allows for remote code execution with root privileges on the affected device.

Reproduction

To reproduce this vulnerability, download the affected firmware version Go1_2022_05_11. Extract the firmware and inspect the run.sh script for hardcoded plaintext credentials. These credentials can be used to SSH into the robot as the root user. Once logged in, full control over the robot with root permissions is granted.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

7.5

exploitability

6.0

remediation

6.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

7.5

exploitability

6.0

remediation

6.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Unitree Go1 Incorrect Access Control Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Reproduction

Affected Products

Unitree Go1

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating