Polyscope 5
Monthly
Remote unauthenticated command injection in Universal Robots PolyScope Dashboard Server (versions <5.21.1) allows attackers to execute arbitrary OS commands on industrial robot controllers via network-crafted requests. With CVSS 9.8 (critical severity) and complete absence of authentication barriers, this vulnerability enables full robot controller compromise from remote network positions. No authentication, user interaction, or attack complexity required - exploitation is straightforward against default configurations exposing the Dashboard Server interface.
Remote unauthenticated command injection in Universal Robots PolyScope Dashboard Server (versions <5.21.1) allows attackers to execute arbitrary OS commands on industrial robot controllers via network-crafted requests. With CVSS 9.8 (critical severity) and complete absence of authentication barriers, this vulnerability enables full robot controller compromise from remote network positions. No authentication, user interaction, or attack complexity required - exploitation is straightforward against default configurations exposing the Dashboard Server interface.