CVE-2026-8153

Summary

OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS.

Affected Software

VendorProductVersion RangeStatus
Universal RobotsPolyScope 50 < 5.25.1affected

Weaknesses

  • CWE-78: CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References