Mobile Industrial Robots
Products
3- 3 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-8749 | Med | 0.42 | 6.5 | 0.00 | Aug 8, 2025 | Path Traversal vulnerability in API Endpoint in Mobile Industrial Robots (MiR) Software Versions prior to 3.0.0 on MiR Robots allows authenticated users to extract files from the robot file system via a crafted API request. | ||
| CVE-2025-13819 | Med | 0.40 | 6.1 | 0.00 | Dec 1, 2025 | Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks. | ||
| CVE-2025-9225 | Med | 0.36 | 5.5 | 0.00 | Aug 20, 2025 | Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser | ||
| CVE-2025-9229 | Med | 0.34 | 5.3 | 0.00 | Aug 20, 2025 | Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages. | ||
| CVE-2025-9228 | Med | 0.28 | 4.3 | 0.00 | Aug 20, 2025 | MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users. |
- risk 0.42cvss 6.5epss 0.00
Path Traversal vulnerability in API Endpoint in Mobile Industrial Robots (MiR) Software Versions prior to 3.0.0 on MiR Robots allows authenticated users to extract files from the robot file system via a crafted API request.
- risk 0.40cvss 6.1epss 0.00
Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks.
- risk 0.36cvss 5.5epss 0.00
Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser
- risk 0.34cvss 5.3epss 0.00
Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages.
- risk 0.28cvss 4.3epss 0.00
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users.