
Konstantin Severov

#38100 of 53,635
7.3 Total CVSS
Vulnerabilities · 1
PT-2025-39519
7.3
2025-09-26
Unitree · Unitree B2 · CVE-2025-35027
**Name of the Vulnerable Software and Affected Versions**

Unitree robotic products (Go2, G1, H1, and B2 devices)

**Description**

Multiple Unitree robotic products sharing a common firmware contain a command injection issue. An attacker can inject a malicious string during WiFi configuration via a BLE module, and then trigger a restart of the WiFi service. This allows the attacker to execute commands as root through the `wpa_supplicant_restart.sh` shell script. The vulnerability affects devices using firmware derived from the MIT Cheetah codebase, including the G1 (humanoid) and Go2 (quadruped) branches.

**Recommendations**

- Unitree Go2 robots: Consider temporarily disabling the Bluetooth protocol as a mitigation measure.
- Unitree G1 robots: Consider temporarily disabling the Bluetooth protocol as a mitigation measure.
- Unitree H1 robots: Consider temporarily disabling the Bluetooth protocol as a mitigation measure.
- Unitree B2 robots: Consider temporarily disabling the Bluetooth protocol as a mitigation measure.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.