Unitree · Unitree Go2 Firmware · CVE-2026-27510
**Name of the Vulnerable Software and Affected Versions**
Unitree Go2 versions 1.1.7 through 1.1.11
**Description**
Remote code execution is possible due to a lack of integrity protection and validation of user-created programs when used with the Unitree Go2 Android application (com.unitree.doggo2). The application stores programs in a local SQLite database (`unitree_go2.db`, table `dog_programme`) and transmits the `programme_text` content, specifically the `pyCode` field, to the robot. The robot's `actuator_manager.py` executes the provided Python code as root without verifying its integrity or validating the content. An attacker with local access to the Android device can manipulate the stored program record to inject arbitrary Python code, which executes when the user triggers the program via a controller keybinding; this malicious binding persists after reboots. Furthermore, importing and running a malicious program shared through the application's community marketplace can lead to arbitrary code execution on the robot.
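The content validation that the description says is missing can be sketched as an AST allowlist applied to `pyCode` before anything is executed. This is an added example, not Unitree's code: it assumes `programme_text` is JSON with a `pyCode` key, and the motion function names are hypothetical.

```python
import ast
import json

# Hypothetical motion API exposed to programmes; these are not Unitree's real names.
ALLOWED_CALLS = {"stand_up", "lie_down", "move", "wait", "range"}
# Only the syntax a simple motion script needs; any other node type is refused.
ALLOWED_NODES = (ast.Module, ast.Expr, ast.Call, ast.Name, ast.Load, ast.Store,
                 ast.Constant, ast.For, ast.UnaryOp, ast.USub)
# Constructed sample record content (assumed JSON layout with a pyCode key).
SAMPLE_PROGRAMME = json.dumps(
    {"pyCode": "stand_up()\nfor i in range(2):\n    move(0.3, 0, 0)\n    wait(1)\nlie_down()\n"})


def validate_py_code(py_code):
    """Return a list of violations; an empty list means the script may run."""
    try:
        tree = ast.parse(py_code, mode="exec")
    except SyntaxError as exc:
        return [f"syntax error: {exc.msg}"]
    nodes = list(ast.walk(tree))
    # Names the script binds itself (loop variables only, since Assign is refused).
    bound = {n.id for n in nodes
             if isinstance(n, ast.Name) and isinstance(n.ctx, ast.Store)}
    problems = []
    for n in nodes:
        line = getattr(n, "lineno", "?")
        if not isinstance(n, ALLOWED_NODES):
            problems.append(f"line {line}: {type(n).__name__} is not allowed")
        elif isinstance(n, ast.Call) and not (
                isinstance(n.func, ast.Name) and n.func.id in ALLOWED_CALLS):
            problems.append(f"line {line}: call target is not on the allowlist")
        elif isinstance(n, ast.Name):
            if isinstance(n.ctx, ast.Store) and n.id in ALLOWED_CALLS:
                problems.append(f"line {line}: rebinding {n.id!r} is not allowed")
            elif isinstance(n.ctx, ast.Load) and n.id not in ALLOWED_CALLS | bound:
                problems.append(f"line {line}: unknown name {n.id!r}")
    return problems


def run_programme(programme_text, api):
    """Validate the pyCode field, then run it with only the allowlisted callables."""
    py_code = json.loads(programme_text)["pyCode"]  # JSON layout is an assumption
    problems = validate_py_code(py_code)
    if problems:
        raise PermissionError("; ".join(problems))
    exec(compile(py_code, "<programme>", "exec"), {"__builtins__": {}, **api})
```

The allowlist is what constrains the script; the emptied `__builtins__` is only a second layer. Running the interpreter as an unprivileged user instead of root is a separate control that this sketch does not cover.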
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.