CVE-2025-60017
Published
CVSS v3
8.2
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapd_restart.sh wifi_ssid or wifi_pass parameter (within restart_wifi_ap and restart_wifi_sta).
GitHub