Description
Lack of authentication vulnerability. An unauthenticated local user is able to see through the cameras using the web server due to the lack of any form of authentication.
References (1)
Core 1
Core References
Scores
CVSS v3
5.7
EPSS
0.0055
EPSS Percentile
41.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-306
Status
published
Products (1)
unitree/a1_firmware
Published
Nov 22, 2023
Tracked Since
Feb 18, 2026