CVE-2025-45467

HIGH

Unitree Go1 <= Go1_2022_05_11 - Insecure Firmware Update Permissions via MD5 Checksum

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-45467. PoCs published by zgsnj123.

AI-analyzed exploit summary The repository describes CVE-2025-45467, an insecure firmware verification vulnerability in Unitree Go1 robotic dogs, where MD5 checksums are used without digital signatures, allowing malicious firmware uploads. The PoC outlines steps to exploit this flaw for remote code execution and privilege escalation.

Description

Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update functionality (via Wi-Fi/Ethernet) implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation.

Exploits (1)

nomisec WRITEUP 1 stars

by zgsnj123 · poc

https://github.com/zgsnj123/CVE-2025-45467

View Code ZIP pw:eip

The repository describes CVE-2025-45467, an insecure firmware verification vulnerability in Unitree Go1 robotic dogs, where MD5 checksums are used without digital signatures, allowing malicious firmware uploads. The PoC outlines steps to exploit this flaw for remote code execution and privilege escalation.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Unitree Go1 firmware versions ≤ Go1_2022_05_11

No auth needed

Prerequisites: Access to official firmware · Network access to the robot (Wi-Fi/Ethernet) · Ability to modify firmware and recalculate MD5

MITRE ATT&CK

T1587.001 - Malware T1588.001 - Malware

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://github.com/zgsnj123/CVE-2025-45467/tree/main

View Exploit ZIP pw:eip

Product

https://www.unitree.com/cn/go1

Scores

CVSS v3 7.1

EPSS 0.0028

EPSS Percentile 19.6%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-276

Status published

Products (1)

unitree/go1_firmware

Published Jul 25, 2025

Tracked Since Feb 18, 2026