CVE-2025-45466
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-10-17
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unitree | go1_firmware | to Go1_2022_05_11 (inc) |
| unitree | go1 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-45466 is a vulnerability in the Unitree Go1 robotic dog firmware (up to version Go1_2022_05_11) caused by hardcoded plaintext authentication credentials embedded in the script file `/run.sh`. These credentials are used for SSH and SCP access, allowing attackers to extract the firmware, find the password, and gain unauthorized access to the device. This leads to incorrect access control and compromises the device's security. [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to gain root-level access to the Unitree Go1 robot remotely or locally via Wi-Fi or Ethernet. With such access, the attacker can execute arbitrary code, escalate privileges, and disclose sensitive information, potentially leading to full compromise of the device and any connected systems. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by extracting the firmware package and searching for hardcoded passwords in the `/run.sh` script file. For example, you can download the firmware (e.g., Go1_2022_05_11_e0d0e617.zip), extract it, and run the command `grep -i "password" run.sh` to locate plaintext credentials. Additionally, you can attempt to connect to the robot via SSH using the extracted credentials with `ssh root@<robot_ip>` to verify unauthorized access. [1]