Open Robotics · Ros Noetic · CVE-2021-37146
**Name of the Vulnerable Software and Affected Versions**
ROS Melodic versions 1.4.11 and earlier
ROS Noetic versions 1.15.11 and earlier
**Description**
The issue is related to an infinite loop in the Open Robotics ros comm XMLRPC server, which allows remote attackers to cause a Denial of Service in ros comm via a crafted XMLRPC call.
**Recommendations**
For ROS Melodic version 1.4.11 and earlier, update to a version later than 1.4.11 to resolve the issue.
For ROS Noetic version 1.15.11 and earlier, update to a version later than 1.15.11 to resolve the issue.