Critical Vulnerabilities in Yarbo Robot Firmware Expose Devices to Remote Attacks
ID: ca67afdd-2bf7-5243-bc15-c8daced69d4c
STIX ID: report--ca67afdd-2bf7-5243-bc15-c8daced69d4c
Feed Name: ThreatCluster
Threat Score
**AHA! disclosed three critical vulnerabilities in Yarbo robot firmware v2.3.9 (CVE-2026-7413, CVE-2026-7414, CVE-2026-7415) — a persistent root backdoor, hardcoded admin credentials shared across devices, and an open MQTT broker — which together allow unauthorized remote access, device enumeration, and unauthenticated command execution; these active issues enable mass exploitation and fleet-wide compromise and require immediate mitigation.**
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.