CVE-2026-8153

CRITICAL CVSS 9.8 View on NVD ↗

Description

OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.21.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

https://www.universal-robots.com/developer/communication-protocol/dashboard-server/

Published: May 08, 2026 12:16 UTC Modified: May 08, 2026 15:51 UTC