CVE-2025-8748 | HackTesting

MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the underlying operating system.

Credits

Lockheed Martin Red Team

References

https://mobile-industrial-robots.com/security-advisories/command-injection

https://supportportal.mobile-industrial-robots.com/documentation/mir-cybersecurity-guide/mir-cybersecurity-guide/