AL-KO Robolinho Update Software Hard-Coded AWS Keys Vulnerability
Vulnerability
AL-KO Robolinho Update Software version 8.0.21.0610 contains hard-coded AWS access and secret keys that allow unauthorized access to AL-KO's AWS bucket. These keys could grant more access than the application itself provides, with at least read access to some objects in the bucket. The vendor was notified of this issue but did not respond with details about the vulnerability or its affected version range.
Impact
Exploitation of this vulnerability could lead to unauthorized access to AL-KO's AWS bucket, with the potential for greater access than what the application provides. At a minimum, the vulnerability allows read access to certain objects in the bucket.
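A release-time check for this class of weakness, given here as an added example (not from the original advisory or from AL-KO): it scans a build artifact for AWS access key IDs and secret-shaped strings stored either as ASCII or as UTF-16LE literals, which a plain text search misses. The sample bytes are constructed and use AWS's published documentation placeholder key pair; `scan`, `runs`, `Finding` and `WINDOW` are names chosen for this example.

```python
import re
import sys
from typing import NamedTuple

WINDOW = 512  # bytes searched on each side of a key ID for a paired secret


class Finding(NamedTuple):
    offset: int          # byte offset of the access key ID
    encoding: str        # "ascii" or "utf-16le"
    key_id: str          # access key ID, masked for safe logging
    secret_nearby: bool  # a secret-shaped string lies within WINDOW bytes


def runs(data: bytes, charset: bytes, wide: bool):
    """Yield (offset, text) for each maximal run of charset in one encoding."""
    unit = charset + (rb"\x00" if wide else b"")
    for m in re.finditer(rb"(?:" + unit + rb")+", data):
        raw = m.group()
        yield m.start(), (raw[::2] if wide else raw).decode("ascii")


def scan(data: bytes) -> list[Finding]:
    findings = []
    for wide in (False, True):
        # Secret access keys: exactly 40 characters of the base64 alphabet.
        secrets = [o for o, s in runs(data, rb"[A-Za-z0-9/+]", wide) if len(s) == 40]
        # Long-term access key IDs: "AKIA" plus 16 upper-case alphanumerics.
        for off, s in runs(data, rb"[A-Z0-9]", wide):
            if len(s) == 20 and s.startswith("AKIA"):
                near = any(abs(o - off) <= WINDOW for o in secrets)
                findings.append(Finding(off, "utf-16le" if wide else "ascii",
                                        s[:4] + "*" * 12 + s[-4:], near))
    return findings


# Constructed sample: AWS's published documentation placeholder key pair, stored
# once as ASCII config text and once as UTF-16LE string literals.
DOC_ID, DOC_SECRET = "AKIAIOSFODNN7EXAMPLE", "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
SAMPLE = (b"MZ\x90\x00" + f"key={DOC_ID};secret={DOC_SECRET}\n".encode()
          + b"\x00" * 7 + DOC_ID.encode("utf-16-le") + b"\x02\x00"
          + DOC_SECRET.encode("utf-16-le") + b"\x00\x00")

if __name__ == "__main__":
    # Scan the files named on the command line, or the constructed sample.
    blobs = {p: open(p, "rb").read() for p in sys.argv[1:]} or {"SAMPLE": SAMPLE}
    hits = [(name, f) for name, blob in blobs.items() for f in scan(blob)]
    print(*hits, sep="\n")
    sys.exit(1 if hits else 0)
```

The non-zero exit status on any finding lets the script gate a release pipeline; findings print only a masked key ID, so the log does not become a second copy of the credential.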
