Open MQTT orchestration without read/write ACLs in Yarbo robot firmware

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization of any kind.

AI Analysis

MQTT broker allows anonymous connections with no topic-level read or write ACLs

Basic Information

ID CVE-2026-7415

Source AHA

Published May 7, 2026 at 16:11

Modified May 7, 2026 at 17:04

Affected Product

Vendor Yarbo

Product Firmware

Affected Versions Yarbo Firmware 0

CWE Classification

CWE-306

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Yarbo

Product Yarbo Robot Firmware

Version v2.3.9

References

{
    "lastseen": "",
    "description": "The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization of any kind.",
    "published": "2026-05-07T16:11:16.943Z",
    "modified": "2026-05-07T17:04:31.177Z",
    "type": "cve",
    "title": "Open MQTT orchestration without read/write ACLs in Yarbo robot firmware",
    "source": "AHA",
    "references": "https://github.com/Bin4ry/yarbo-nat-in-my-back-yard\nhttps://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000000111111111100111111111110000000000000000000000000000000000000000000000000000001001",
    "id": "CVE-2026-7415",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "Yarbo Firmware 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Firmware",
    "version": "0",
    "vendor": "Yarbo",
    "ai_description": "MQTT broker allows anonymous connections with no topic-level read or write ACLs",
    "ai_severity": "Critical",
    "ai_vendor": "Yarbo",
    "ai_product": "Yarbo Robot Firmware",
    "ai_version": "v2.3.9",
    "ai_score": 9.8
}

Open MQTT orchestration without read/write ACLs in Yarbo robot firmware_CVE-2026-7415