Security Advisory

CVE-2018-18638

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-24 22:00:00

Last updated 2024-08-05 11:15:59

Assigner mitre

State PUBLISHED

Description

A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network attackers to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint.

← Browse all CVEs View on cve.org ↗