unSafe.sh - Not Safe
From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510)
The article presents two significant security vulnerabilities in Unitree robots: CVE-2026-27509 and CVE-2026-27510. The former achieves unauthenticated remote code execution (RCE) by abusing a DDS data writer; the latter achieves RCE by tampering with pre-programmed action blocks in the movement database. Both vulnerabilities affect different firmware versions of the Unitree Go2 and can be triggered by a button press on the physical controller. ...
2026-2-26 18:46:5 | Views: 0
Boschko Security Blog - boschko.ca
unitree
actuator
dds
robot
go2
When Models See Ghosts - Investigating Why Adversarial Examples Break Our Models
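The article explores why adversarial examples exist and why machine learning models are so easily fooled. By analyzing data manifolds, decision boundaries and the geometry of high-dimensional spaces, it shows that models rely on the low-dimensional manifold of the training data distribution to make predictions, while adversarial examples use tiny perturbations to exploit the model's instability on out-of-distribution inputs. Defenses face challenges and must balance model robustness against practical application needs. ...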
2025-5-12 15:21:37 | Views: 9
Boschko Security Blog - boschko.ca
manifold
adversarial
boundaries
dimensional
trained
Breaking Down Adversarial Machine Learning Attacks Through Red Team Challenges
2024-11-28 00:27:55 | Views: 3
Boschko Security Blog - boschko.ca
gradient
wolf
granny
adversarial
timber
Incinerator: The Ultimate Android Malware Reversing Tool
2024-4-3 23:47:31 | Views: 29
Boschko Security Blog - boschko.ca
incinerator
analysis
security
apk
TP-Link TDDP Buffer Overflow Vulnerability
This blog delves into a vulnerability that was reported to TP-Link in 2020. Despite this, n...
2024-3-19 22:46:17 | Views: 33
Boschko Security Blog - boschko.ca
tddp
des
digest
arg4
shambles
The Creative Dilemma: Why My Technical Blog Shackled My Creative Flow
Navigating the struggles of maintaining a technical blog &...
2024-2-1 03:57:28 | Views: 14
Boschko Security Blog - boschko.ca
feels
myself
experiences
felt
became
Shambles: The Next-Generation IoT Reverse Engineering Tool to Discover 0-Day Vulnerabilities
Reverse engineering has always held an aura of mystery making it an intimidating field to v...
2023-8-23 20:22:31 | Views: 10
Boschko Security Blog - boschko.ca
shambles
firmware
binql
security
Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device
Blogs like these are a little out of character for me. However, having debugged and helped...
2023-4-22 05:32:11 | Views: 10
Boschko Security Blog - boschko.ca
firmware
squashfs
emulate
hardware
lighttp
Vulnerabilities and Hardware Teardown of GL.iNET GL-MT300N-V2 Router
I've really enjoyed reversing cheap/weird IoT devices in my free time. In early May of 2022...
2022-10-26 21:59:21 | Views: 12
Boschko Security Blog - boschko.ca
cloud
chip
boschko1
uart
gl
Vulnerabilities in Tenda's W15Ev2 AC1200 Router
Lately, after work, I've really enjoyed hacking and reverse engineering funky IoT devices....
2022-10-20 02:16:50 | Views: 10
Boschko Security Blog - boschko.ca
remote
injection
tenda
w15ev2
improper
ATM/Kiosk Hacking & Financially Oriented Web Applications
This blog revolves around Positive Hack Days 2022 payment village challenges. This came to...
2022-6-7 07:45:46 | Views: 11
Boschko Security Blog - boschko.ca
atm
applocker
kiosk
windows
bypass
Using NVIDIA's leaked certificate to improve anti-kill
Looking at how signing binaries with leaked Nvidia certific...
2022-3-30 06:6:17 | Views: 11
Boschko Security Blog - boschko.ca
nvidia
mimikatz
payload
bypass
avs
Hijacking League of Legends Accounts
A tale of stealing from botters/boosters & their win-trading accou...
2022-3-24 10:0:2 | Views: 9
Boschko Security Blog - boschko.ca
riot
security
boosting
bought
riotgames
ATM/Kiosk Hacking
I'm currently diving into ATM security and I stumbled upon a set of CTF challenges from the...
2022-1-27 12:30:5 | Views: 16
Boschko Security Blog - boschko.ca
windows
kiosk
ova
atm
bypass
The Braindead Buffer Overflow Guide to Pass the OSCP Blindfolded
A while ago I tweeted that I'd become a sellout in hopes of one day owning a lamborghini....
2021-11-4 14:44:54 | Views: 8
Boschko Security Blog - boschko.ca
memory
shellcode
mona
debugger
python
Cobalt Strike Process Injection
I've documented some of my thoughts and ideas around process injection. In this blog will m...
2021-11-3 07:51:30 | Views: 15
Boschko Security Blog - boschko.ca
injection
remote
cobalt
inject
beacon
From Default Printer Credentials to Domain Admin
Looking at Pass-back-attacks & how to exploit trust relationships...
2021-10-19 12:10:13 | Views: 11
Boschko Security Blog - boschko.ca
xerox
printers
network
passwords
QueryFullProcessImageNameW Under-the-Hood - Reversing NtQueryInformationProcess
How a path across processes can be obtained from PEB's LDR linked...
2021-10-16 05:37:21 | Views: 15
Boschko Security Blog - boschko.ca
microsoft
reactos
drag
processes
Dynamically Retrieving System Call (syscall) Leveraging PTEs
Locate instantiated PTE by leaking the base address and dyn...
2021-10-14 13:4:3 | Views: 11
Boschko Security Blog - boschko.ca
syscallid
funcexample
tchar
Thanks Fo' Nut'in - Hacking Male Fertility Sperm Tester
This IoT device had already been lightly delved into by the guys over at Hong's Electronic...
2021-10-6 13:19:28 | Views: 13
Boschko Security Blog - boschko.ca
firmware
uart
chip
jffs2
tftp