{"uuid": "b41c0821-d642-428e-8d8a-f9ca32632b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-10273", "type": "seen", "source": "https://t.me/VulnerabilityNews/15481", "content": "The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected to the robot networks (wired or wireless) to exfiltrate all stored data (e.g. indoor mapping images) and associated metadata from the robot's database.\nPublished at: June 24, 2020 at 07:15AM\nView on website", "creation_timestamp": "2020-06-25T07:46:32.000000Z"}