Описание
Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update functionality (via Wi-Fi/Ethernet) implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation.
Ссылки
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:unitree:go1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unitree:go1:-:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00033
Низкий
7.1 High
CVSS3
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 7.1
github
7 месяцев назад
Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update functionality (via Wi-Fi/Ethernet) implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation.
EPSS
Процентиль: 9%
0.00033
Низкий
7.1 High
CVSS3
Дефекты
CWE-276