Vulnerabilities > Neatorobotics > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-23 | CVE-2018-20785 | Unspecified vulnerability in Neatorobotics products Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. | 7.4 |
| 2018-10-24 | CVE-2018-18638 | OS Command Injection vulnerability in Neatorobotics Botvac Connected Firmware 2.2.0 A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network attackers to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint. | 8.1 |
| 2018-09-18 | CVE-2018-17176 | Authentication Bypass by Capture-replay vulnerability in Neatorobotics products A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. | 7.5 |