CVE-2018-17933

Name of the Vulnerable Software and Affected Versions VGo Robot versions 3.0.3.52164 through 3.0.3.53662 VGo Robot versions prior to 3.0.3.52164

Description The issue allows user accounts to execute commands outside their privileges, potentially within the scope of an admin account. If an attacker has access to VGo XAMPP Client credentials, they may be able to execute admin commands on the connected robot.

Recommendations For VGo Robot versions 3.0.3.52164 through 3.0.3.53662, update to a version that includes a fix for this issue. For VGo Robot versions prior to 3.0.3.52164, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to admin commands on the connected robot until a patch is available. Restrict access to VGo XAMPP Client credentials to minimize the risk of exploitation.