Vulnerabilities > CVE-2018-17178 - Unspecified vulnerability in Neatorobotics products

CVSS 5.3 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

high complexity

neatorobotics

NVD

Published: 2018-09-18

Updated: 2021-06-17

Summary

An issue was discovered on Neato Botvac Connected 2.2.0 devices. They execute unauthenticated manual drive commands (sent to /bin/webserver on port 8081) if they already have an active session. Commands like forward, back, arc-left, arc-right, pivot-left, and pivot-right are executed even though the web socket replies with { "message" : "invalid authorization header" }. Without an active session, commands are still interpreted, but (except for eco-on and eco-off) have no effect, since without active driving, a driving direction does not change anything.

Vulnerable Configurations

Part	Description	Count
OS	Neatorobotics Neatorobotics Botvac D4 Connected Firmware 2.2.0 Neatorobotics Botvac D6 Connected Firmware 2.2.0 Neatorobotics Botvac D5 Connected Firmware 2.2.0 Neatorobotics Botvac D7 Connected Firmware 2.2.0 Neatorobotics Botvac D3 Connected Firmware 2.2.0	5
Hardware	Neatorobotics Neatorobotics Botvac D4 Connected - Neatorobotics Botvac D6 Connected - Neatorobotics Botvac D5 Connected - Neatorobotics Botvac D7 Connected - Neatorobotics Botvac D3 Connected -	5

References

https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners