
Unitree Go1, a popular consumer-grade robot dog, contains a pre-installed and undocumented remote access tunnel service, security researchers at Berlin startup thinkAwesome GmbH have discovered.
Anyone with a single API key and default credentials of pi/123 can control the dogs and access their cameras remotely, according to security researchers Andreas Makris and Kevin Finisterre.
The four-footed robots from Chinese company Unitree Robotics gained popularity due to their low cost, which ranges from $2,500 for the “Air” model to $8,500 for the “Edu” version marketed to universities and researchers.
While the robots differ in hardware components, software-wise, they all run the same system. The software development kit (SDK) of more expensive models allows developers to access high- and low-level commands.
Researchers found that the dog's brain is a Raspberry Pi mini-computer, which launches several proprietary services on startup. After checking for internet connectivity, it also starts the CloudSail (Zhexi) tunnel service.
“CloudSail (Zhexi) is a remote access tunnel service developed by Zhexi Technology, primarily targeted at Chinese markets. The service is designed to provide NAT traversal and remote access capabilities for IoT devices, industrial equipment, and other networked systems,” the researchers explain in their report.
For robot dog users, this means that the service can be used to establish a connection across different networks even if the local network blocks incoming connections or lacks port forwarding, effectively bypassing firewall and NAT restrictions. This level of access can be dangerous and can enable intrusions into private networks.
The researchers managed to obtain the Unitree CloudSail API key and found a total of 1919 vulnerable devices. Only two of them were active at a time.
“By using our own tunnel manager tool we are able to create a tunnel to any active client,” the report reads. For demonstration purposes, they only accessed their own robot dog.
Potential attackers would be able to exploit such a tunnel to move laterally inside the network.
“Most of the machines are located in China, but as expected some are outside of China, apart from some residential IPs, we were able to identify several University IPs and some corporate networks from around the world,” the researchers said.
They listed more than a dozen universities from the US, Canada, Germany, New Zealand, Australia, and Japan that are experimenting with robot dogs.
The researchers doubt the backdoor was placed intentionally. Rather, it signals poor code review and cleanup practices at Unitree. They were able to discover remnants of older remote access implementations.
However, the preinstalled tunnel poses a real risk.
“We strongly advise everyone with such a robot to remove it from the network permanently, as well as examine all available logs to check if their network was breached,” they said.
“Anybody with access to the API key can freely access all robot dogs on the tunnel network, remotely control them, use the vision cameras to see through their eyes, or even hop on the RPI via SSH. If this was abused or not does not matter in this case.”
The Unitree Go1 robots are marketed for various purposes, including search and rescue missions, and military uses.
“Imagining a robot dog in these sensitive areas with an active tunnel to the manufacturer who can remotely control the device at will is concerning.”
The researchers didn’t analyze the newer Go2 version of the robot dog or other devices from the manufacturer. However, they warn that similar backdoors may be installed on those as well.