Critical Vulnerabilities in Yarbo Robot Firmware Expose Devices to Remote Attacks

Critical Vulnerabilities in Yarbo Robot Firmware Expose Devices to Remote Attacks

First seen 7 May 2026, 17:40 UTC takeonme.org 86% similarity 78.0

Article Content

Browse articles
ThreatCluster

AHA! disclosed three critical vulnerabilities in Yarbo robot firmware v2.3.9, identified as CVE-2026-7413, CVE-2026-7414, and CVE-2026-7415. The vulnerabilities include a hidden backdoor, hardcoded credentials, and an open MQTT broker, allowing attackers to gain unauthorized access and control over affected devices. CVE-2026-7413 features a persistent backdoor providing root access, while CVE-2026-7414 contains hardcoded admin credentials shared across all devices. CVE-2026-7415 allows for device enumeration and command execution without authentication. These vulnerabilities enable mass exploitation and fleet-wide compromise of Yarbo robots. The issues were reported by Andreas Makris (Bin4ry) and are currently active, posing significant risks to users. Immediate action is required to mitigate these threats.

Key Points: • Three critical CVEs (CVE-2026-7413, CVE-2026-7414, CVE-2026-7415) affect Yarbo firmware v2.3.9. • A persistent backdoor and hardcoded credentials allow for unauthorized remote access. • An open MQTT broker enables device enumeration and command execution without authentication.

ThreatCluster AI

Timeline

2026-05-07
CVE-2026-7413 published
A hidden backdoor in Yarbo firmware allows remote, unauthenticated access to devices.
Article 1 (takeonme.org)
2026-05-07
CVE-2026-7414 published
Hardcoded administrative credentials in Yarbo firmware enable trivial unauthorized access.
Article 2 (takeonme.org)
2026-05-07
CVE-2026-7415 published
An open MQTT broker allows attackers to enumerate and control devices without credentials.
Article 3 (takeonme.org)

Community

Browse all →