Skip to main content

Polyscope 5

1 CVEs product

Monthly

CVE-2026-8153 CRITICAL PATCH CISA Act Now

Remote unauthenticated command injection in Universal Robots PolyScope Dashboard Server (versions <5.21.1) allows attackers to execute arbitrary OS commands on industrial robot controllers via network-crafted requests. With CVSS 9.8 (critical severity) and complete absence of authentication barriers, this vulnerability enables full robot controller compromise from remote network positions. No authentication, user interaction, or attack complexity required - exploitation is straightforward against default configurations exposing the Dashboard Server interface.

Command Injection Polyscope 5
NVD
CVSS 3.1
9.8
EPSS
1.1%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Remote unauthenticated command injection in Universal Robots PolyScope Dashboard Server (versions <5.21.1) allows attackers to execute arbitrary OS commands on industrial robot controllers via network-crafted requests. With CVSS 9.8 (critical severity) and complete absence of authentication barriers, this vulnerability enables full robot controller compromise from remote network positions. No authentication, user interaction, or attack complexity required - exploitation is straightforward against default configurations exposing the Dashboard Server interface.

Command Injection Polyscope 5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy