Security experts have uncovered a serious vulnerability in Unitree Go1 robot dogs—revealing a hidden backdoor that could allow hackers to remotely control the devices, stream camera footage, and potentially infiltrate private networks.
Cybersecurity researchers Andreas Makris and Kevin Finisterre discovered the flaw in the China-made quadruped robot, manufactured by Unitree Robotics, which quietly activates a remote access tunnel as soon as the device connects to the internet. The embedded service, undocumented and pre-installed, reaches out to Unitree’s servers automatically if certain variables are enabled—leaving users completely unaware.
Robot Dog Security Flaw Opens the Door to Remote Access
The backdoor leverages CloudSail, a remote access tool developed by Zhexi Technology in China. While CloudSail is typically used for legitimate device management, in this case, it’s been repurposed to allow unrestricted control of robot dogs via the internet.
“Anyone with the API key can take control of the robots, access live camera feeds, and even SSH into the device,” warned the researchers. “Even if this hasn’t been exploited yet, its mere presence is irresponsible and a serious breach of trust.”
Makris and Finisterre argue that enabling such features without a user’s explicit consent crosses ethical boundaries and poses significant risks, especially if these robot dogs are deployed in sensitive locations.
Unitree’s Vision Cameras Could Be Used to Spy Without Users Knowing
The $4,000 robot dogs are equipped with vision cameras, which, once accessed through the tunnel, allow external users to see exactly what the robot sees in real time. Shockingly, the researchers were able to access live streams and the robot’s web interface using their own tools, without needing any login credentials.
Adding to the concerns, they also found traces of an older, inactive tunnel service still buried in the software. This suggests either poor development practices or an attempt to repurpose older code without removing legacy access points.
CloudSail API Reveals Nearly 2,000 Robot Dogs Were Exposed
According to CloudSail’s API, at least 1,919 robot dogs connected to the tunnel service in the past. While only two appear to be active now, researchers were able to create new tunnels and gain remote access to available clients.
Unitree also ships the Go1 models with default SSH login credentials, which many users may not change. If left untouched, this gives cybercriminals a direct pathway into the underlying Raspberry Pi, the computer that runs the device’s core operating system. From there, attackers can move laterally into connected systems on the same network.
Robot Dog Vulnerability Could Threaten Sensitive Environments
The discovery has major implications for industries and individuals using Unitree’s products. If deployed in military, government, or research settings, these hidden services could open doors to surveillance or even sabotage.
“This isn’t just a glitch—it’s a serious risk,” the researchers stated. “The fact that users aren’t notified or given the choice to disable these services is unacceptable.”
More concerning, the researchers suggest that other Unitree models—including the newer Go2 and humanoid robots—may contain similar hidden services.
Unanswered Questions: Is the Backdoor Intentional?
The nature of the backdoor raises troubling questions. Was it intended only for Chinese users? Was Unitree planning a remote control feature and never completed it? Why are robots globally connecting to this service by default?
Even more puzzling, the researchers found an unfinished payment page related to the tunnel client—fueling speculation that Unitree may have planned to commercialize the service.
What Should Users Do? Disconnect Immediately
The security team is urging all Unitree robot owners to immediately disconnect their devices from the internet. They also recommend reviewing logs to check for signs of unauthorized access or suspicious activity on the local network.
“This isn’t just about one robot model. It’s about the potential for widespread remote access to machines people trust to operate in private, professional, or high-security spaces,” the researchers warned.
Until Unitree offers transparency and control over these services, users are advised to proceed with extreme caution.
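One way to carry out the log review recommended above, as an added example that is not from the researchers or Unitree: it scans OpenSSH auth-log lines for accepted logins that used a password or came from outside a trusted subnet. The sample log lines, the `admin` account name and the `192.168.10.0/24` subnet are constructed assumptions, and a loopback source is flagged on the assumption that a local tunnel client forwards connections to sshd.

```python
import ipaddress
import re

# Assumption: the operator's own admin subnet; adjust to the real LAN.
TRUSTED_NETS = [ipaddress.ip_network("192.168.10.0/24")]

# Standard OpenSSH "Accepted" line as written to auth.log or the journal.
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\S+) for (?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)

# Constructed sample lines (not taken from a real robot).
SAMPLE_LOG = """\
Mar 30 09:12:01 robot sshd[811]: Accepted publickey for admin from 192.168.10.5 port 50122 ssh2
Mar 30 09:40:17 robot sshd[902]: Failed password for admin from 192.168.10.77 port 50310 ssh2
Mar 30 10:02:44 robot sshd[945]: Accepted password for admin from 127.0.0.1 port 41822 ssh2
Mar 30 11:15:09 robot sshd[990]: Accepted password for admin from 203.0.113.7 port 60001 ssh2
Mar 30 11:20:30 robot sshd[1002]: Accepted password for admin from 192.168.10.5 port 50544 ssh2
"""


def review_logins(log_text, trusted=TRUSTED_NETS):
    """Return (src, user, method, reasons) for each accepted login worth a look."""
    findings = []
    for line in log_text.splitlines():
        m = ACCEPTED.search(line)
        if not m:
            continue  # failed attempts and unrelated lines are not reviewed here
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # source field is not a parseable IP address
        reasons = []
        if src.is_loopback:
            reasons.append("loopback source (locally forwarded connection)")
        elif not any(src in net for net in trusted):
            reasons.append("source outside trusted networks")
        if m["method"] == "password":
            reasons.append("password login")
        if reasons:
            findings.append((str(src), m["user"], m["method"], reasons))
    return findings


if __name__ == "__main__":
    for src, user, method, reasons in review_logins(SAMPLE_LOG):
        print(f"{src:15} {user:8} {method:10} {'; '.join(reasons)}")
```

Password logins from trusted hosts are still reported, since a password login is what an unchanged default credential would produce.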