Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-10265
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
RVD#1443: UR dashboard server enables unauthenticated remote control of core robot functions
Source: NVD (National Vulnerability Database)
Vulnerability Description
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. The DashBoard server is not protected by any kind of authentication or authorization.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键功能的认证机制缺失
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Universal Robots产品访问控制错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
多款Universal Robots产品中存在访问控制错误漏洞。攻击者可利用该漏洞控制核心的机器人功能(例如,启动/停止程序等功能)。以下产品及版本受到影响:Universal Robots UR 10(3.0.14989版本至3.3.3.292版本,1.4及之前版本);Universal Robots UR 3(3.0.14989版本至3.3.3.292版本);Universal Robots UR 5(3.0.14989版本至3.3.3.292版本,1.4及之前版本);Universal Robots
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Universal RobotsUniversal Robots Robot Controllers CB 2, CB3, e-series unspecified -
II. Public POCs for CVE-2020-10265
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2020-10265
Please Login to view more intelligence information
New Vulnerabilities
Vendor: Universal Robots
Same weakness: CWE-306
V. Comments for CVE-2020-10265

No comments yet

Leave a comment