Mallory
High | Public exploit

Root Command Injection in Unitree Robot WiFi BLE Configuration

Identifiers: CVE-2025-35027, CWE-77

CVE-2025-35027 is a command injection vulnerability affecting multiple Unitree robotic products that share a common firmware codebase, including the Go2, G1, H1, and B2. The flaw is triggered by supplying a malicious string while configuring the robot's onboard WiFi through its BLE module and then causing the WiFi service to restart. The attacker-controlled input is subsequently processed by the wpa_supplicant_restart.sh shell script in an unsafe manner, allowing arbitrary shell commands to be executed. According to the provided content, the injected commands run with root privileges. The issue appears to stem from firmware shared across Unitree product lines derived from the MIT Cheetah codebase.

ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation allows arbitrary command execution as root on the affected robot. This can result in full device compromise, including complete control over the operating environment, modification of system configuration, installation of persistent malware, disruption of robot operation, and access to sensitive data or interfaces available on the platform. Because the commands execute with root privileges, the attacker effectively gains the highest level of control over the device.

Mitigation

If you can’t patch tonight, do this now.

Until a vendor fix is available, restrict or disable BLE-based WiFi configuration where operationally feasible, limit physical and radio proximity access to the robot, and prevent untrusted parties from interacting with the BLE management interface. Monitor for unauthorized WiFi configuration changes and unexpected WiFi service restarts. If possible, harden or remove the vulnerable script path, and segment affected robots from sensitive networks to reduce post-compromise impact. The content indicates affected Unitree firmware remained vulnerable as of September 2025, so compensating controls are important where patching is not yet possible.

Remediation

Patch, then assume compromise.

Apply a vendor firmware update that corrects unsafe handling of WiFi configuration input in the BLE-to-WiFi configuration path and in the wpa_supplicant_restart.sh script. Remediation should include strict input validation and sanitization, avoidance of shell interpretation of untrusted input, and use of safe argument passing mechanisms rather than constructing shell commands from user-controlled strings. The provided content does not include a specific fixed firmware version.
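One way to apply the remediation guidance above when turning a BLE-supplied SSID and passphrase into a wpa_supplicant network block. This is an added example, not Unitree's wpa_supplicant_restart.sh or any vendor code; the function names and sample values are hypothetical.

```shell
#!/bin/sh
# Added example: untrusted WiFi settings are treated as data only.
# No eval, no `sh -c "... $ssid ..."`, no unquoted expansion.
LC_ALL=C; export LC_ALL   # byte-wise lengths and ASCII ranges

# wpa_supplicant.conf accepts an unquoted hex string for ssid=, so every
# byte of the SSID is hex-encoded and metacharacters lose all meaning.
ssid_to_hex() {
    hex=$(printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n')
    # 1..32 bytes of SSID means 2..64 hex digits
    [ "${#hex}" -ge 2 ] && [ "${#hex}" -le 64 ] || return 1
    printf '%s' "$hex"
}

# WPA passphrase: 8..63 printable ASCII characters. Newlines and other
# control bytes are rejected, so the value cannot start a new config line.
valid_passphrase() {
    [ "${#1}" -ge 8 ] && [ "${#1}" -le 63 ] || return 1
    case $1 in
        *[!\ -~]*) return 1 ;;
    esac
    return 0
}

# Emit the network block on stdout. printf receives the values as
# arguments to %s, so nothing in them is ever parsed as shell syntax.
render_network_block() {
    ssid_hex=$(ssid_to_hex "$1") || return 1
    valid_passphrase "$2" || return 1
    printf 'network={\n\tssid=%s\n\tpsk="%s"\n}\n' "$ssid_hex" "$2"
}

# Constructed sample input, not taken from any device.
render_network_block 'lab-net' 'constructed-passphrase'
```

Invalid input makes `render_network_block` return non-zero with no output, so a caller can refuse the configuration before the WiFi service is restarted.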
PUBLIC EXPLOITS

Exploits

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability.

| Vendor | Product | Type |
|---|---|---|
| Unitree Robotics | B2 Firmware | operating_system |
| Unitree Robotics | G1 Firmware | operating_system |
| Unitree Robotics | Go2 Firmware | operating_system |
| Unitree Robotics | H1 Firmware | operating_system |

Vendor-confirmed product mapping.
