Skip to main content

Robolinho Update Software

1 CVEs product

Monthly

CVE-2026-1612 MEDIUM This Month

Hard-coded AWS credentials in AL-KO Robolinho Update Software allow unauthenticated attackers to directly access AL-KO's AWS S3 bucket with read permissions and potentially escalated privileges beyond the application's intended access model. Version 8.0.21.0610 is confirmed vulnerable; the full affected version range is unknown due to lack of vendor cooperation. No public exploit code or active exploitation has been reported, but the credentials are trivially extractable from the application binary.

Authentication Bypass Robolinho Update Software
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
EPSS 0% CVSS 6.9
MEDIUM This Month

Hard-coded AWS credentials in AL-KO Robolinho Update Software allow unauthenticated attackers to directly access AL-KO's AWS S3 bucket with read permissions and potentially escalated privileges beyond the application's intended access model. Version 8.0.21.0610 is confirmed vulnerable; the full affected version range is unknown due to lack of vendor cooperation. No public exploit code or active exploitation has been reported, but the credentials are trivially extractable from the application binary.

Authentication Bypass Robolinho Update Software
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy