{"uuid": "91b0fcea-511d-4e6c-897d-81586dcdf26c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2894", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9262", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2894\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Go1\u00a0also known as \"The World's First Intelligence Bionic Quadruped Robot Companion of Consumer Level,\" contains an undocumented backdoor that can enable the manufacturer, and anyone in possession of the correct API key, complete remote control over the affected robotic device using the CloudSail remote access service.\n\ud83d\udccf Published: 2025-03-28T02:51:19.768Z\n\ud83d\udccf Modified: 2025-03-28T02:51:19.768Z\n\ud83d\udd17 References:\n1. https://github.com/MAVProxyUser/YushuTechUnitreeGo1/blob/main/Unitree_report.pdf\n2. https://x.com/d0tslash/status/1730989109332607208\n3. https://github.com/unitreerobotics/unitree_ros/issues/120\n4. https://takeonme.org/cves/cve-2025-2894/", "creation_timestamp": "2025-03-28T03:27:38.000000Z"}