High severity7.5NVD Advisory· Published Sep 18, 2018· Updated Jun 17, 2026
CVE-2018-17176
CVE-2018-17176
Description
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication (always transmitted in cleartext) can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 2.2.0
Patches
Vulnerability mechanics
References
1- media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleanersnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.