cbcvebase.

Mobile Industrial Robots Mir Fleet vulnerabilities

4 known vulnerabilities affecting mobile_industrial_robots/mir_fleet.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2025-8748P2HIGHCVSS 8.8fixed in 3.0.02025-08-08
CVE-2025-8748 [HIGH] CWE-78 CVE-2025-8748: MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A ma MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the underlying operating system.
nvd
CVE-2025-9225P4MEDIUMCVSS 5.5fixed in 3.0.02025-08-20
CVE-2025-9225 [MEDIUM] CWE-79 CVE-2025-9225: Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on Mi Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser
nvd
CVE-2025-9229P4MEDIUMCVSS 5.3fixed in 3.0.02025-08-20
CVE-2025-9229 [MEDIUM] CWE-209 CVE-2025-9229: Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages.
nvd
CVE-2025-9228P4MEDIUMCVSS 4.3fixed in 3.0.02025-08-20
CVE-2025-9228 [MEDIUM] CWE-863 CVE-2025-9228: MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users.
nvd
Mobile Industrial Robots Mir Fleet vulnerabilities | cvebase