CVE-2025-45467

High CVSS: 7.1

Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update functionality (via Wi-Fi/Ethernet) implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation.

Vendor

Unitree

Product

Go1 Firmware

CWE

CWE-276

Yayın Tarihi

2025-07-25 15:15:29

Güncelleme

2026-01-12 16:28:20

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-276 Go1 Firmware HIGH Unitree 2025

Referanslar

https://github.com/zgsnj123/CVE-2025-45467/tree/main https://www.unitree.com/cn/go1

Benzer Kayıtlar

High

CVE-2026-1442

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an a…

High

CVE-2026-27509

Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorizati…

Medium

CVE-2026-27510

Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.dogg…

High

CVE-2025-35027

Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a com…

High

CVE-2025-45466

Unitree Go1

Medium

CVE-2025-2894

The Go1 also known as "The World's First Intelligence Bionic Quadruped Robot Companion of Consumer Level," contains an u…