CyberSec.Space Logo
Back to CVE Browser

CVE-2020-10269

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1550%
EPSS Percentile28.45th
PublishedJun 24, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode. Credentials to such wireless Access Point default to well known and widely spread SSID (MiR_RXXXX) and passwords (omitted). This information is also available in past User Guides and manuals which the vendor distributed. We have confirmed this flaw in MiR100 and MiR200 but it might also apply to MiR250, MiR500 and MiR1000.

Affected Platforms (CPE)

πŸ’»
Aliasrobotics

Mir100 Firmware

<= 2.8.1.1
πŸ’»
Aliasrobotics

Mir200 Firmware

<= 2.8.1.1
πŸ’»
Aliasrobotics

Mir250 Firmware

<= 2.8.1.1
πŸ’»
Aliasrobotics

Mir500 Firmware

<= 2.8.1.1
πŸ’»
Aliasrobotics

Mir1000 Firmware

<= 2.8.1.1
πŸ’»
Mobile Industrial Robotics

Er200 Firmware

<= 2.8.1.1
πŸ’»
Enabled Robotics

Er Lite Firmware

<= 2.8.1.1
πŸ’»
Enabled Robotics

Er Flex Firmware

<= 2.8.1.1
πŸ’»
Enabled Robotics

Er One Firmware

<= 2.8.1.1
πŸ’»
Uvd Robots

Uvd Robots Firmware

<= 2.8.1.1

References & Advisories

πŸ”— https://github.com/aliasrobotics/RVD/issues/2566
πŸ”— https://github.com/aliasrobotics/RVD/issues/2566

Related Vulnerabilities

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...