Vulnerabilities > Robotemi

DATE CVE VULNERABILITY TITLE RISK
2020-08-11 CVE-2020-16170 Use of Hard-coded Credentials vulnerability in Robotemi Temi 1.3.3/1.3.7931
Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors.
network
low complexity
robotemi CWE-798
7.5
2020-08-07 CVE-2020-16169 Improper Authentication vulnerability in Robotemi Robox OS 117.21/119.24
Authentication Bypass Using an Alternate Path or Channel in temi Robox OS prior to120, temi Android app up to 1.3.7931 allows remote attackers to gain elevated privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and motor control via unspecified vectors.
network
low complexity
robotemi CWE-287
7.5
2020-08-07 CVE-2020-16167 Missing Authentication for Critical Function vulnerability in Robotemi Launcher OS 11969/13146
Missing Authentication for Critical Function in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to receive and answer calls intended for another temi user.
network
low complexity
robotemi CWE-306
6.4
2020-08-07 CVE-2020-16168 Origin Validation Error vulnerability in Robotemi Temi Firmware
Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors.
network
low complexity
robotemi CWE-346
6.5