Primary

Context

Mobile Industrial Robots Command Injection Vulnerability in MiR Software Versions Prior to 3.0.0

Vulnerability

A command injection vulnerability has been identified in Mobile Industrial Robots (MiR) software versions prior to 3.0.0. This vulnerability allows authenticated users to send crafted HTTP requests that execute arbitrary commands on the underlying operating system.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of commands on the operating system, potentially allowing for further system compromise.

Remediation

Users are advised to update to the latest software version, at least version 3.0.0. If an immediate update is not possible, it is recommended to operate the MiR system in a segmented and secured network with strict firewall rules and to secure user accounts on the MiR system as recommended in the MiR Cybersecurity Guide.

Added: Aug 8, 2025, 11:17 AM

Updated: Aug 8, 2025, 11:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mobile Industrial Robots Command Injection Vulnerability in MiR Software Versions Prior to 3.0.0

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating