How the vulnerability works and why it matters

2 hours ago techradar.com

Security researchers Bin4ry and d0tslash have published a write-up on GitHub about an exploit named "UniPwn" which affects multiple Unitree product lines.

The vulnerability affects G1 humanoids, Go2, and B2 quadrupeds, and it can be used to escalate privileges to root.

It appears to chain together weaknesses that, when combined, permit remote command injection on affected devices.

'Unforgivable Exposure': More than 200,000 industrial systems are needlessly exposed to the web and hackers - and there's no absolutely excuse

Security flaws in key Nvidia enterprise tool could have let hackers run malware on Windows and Linux systems

Hacker using backdoor to exploit SonicWall Secure Mobile Access to steal credentials

The vulnerability set reportedly includes hardcoded cryptographic keys and a handshake that checks only for the string "unitree", and also includes unsanitized user data concatenated into shell commands the system runs.

Those elements combine into an unusually straightforward path from a ...

Copyright of this story solely belongs to techradar.com . To see the full text click HERE

Share: