CVE-2026-7413
CVE-2026-7413: Persistent undocumented backdoor access in Yarbo robot firmware v2.3.9#
AHA! has discovered an issue affecting Yarbo robot firmware v2.3.9. This disclosure follows AHA!’s standard disclosure policy. Any questions about this disclosure should be directed to [email protected].
Affected products#
- Yarbo robot firmware v2.3.9 (April, 2026)
Executive summary#
A hidden, persistent backdoor was found in Yarbo firmware v2.3.9: an undocumented SSH service that grants remote, root-level access to anyone who can reach it and supply a valid credential (the hardcoded credential described in CVE-2026-7414 supplies exactly that). The service is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates.
This vulnerability is estimated to have a CVSSv3.1 rating of CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (7.2, High); the relevant SSVC values are Exploitation: PoC and Technical Impact: Total. PR:H reflects that the service still demands a credential; in practice CVE-2026-7414 removes that barrier. This issue is an instance of CWE-912 (Hidden Functionality).
Vulnerability Details#
An undocumented SSH service is installed and listening on every affected robot and is reachable through the vendor's NAT-punching proxy system. The service grants an interactive shell with root privileges. The component ships in the firmware image and is restored during normal boot, so access persists across reboots, firmware updates and factory resets.
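The check a firmware reviewer would run on an extracted root filesystem to find a service like the one described above, as an added example (not AHA!'s or Bin4ry's tooling, and the sample rootfs it builds is constructed, not taken from Yarbo firmware): it flags boot-time hooks that start sshd/dropbear, pre-installed authorized_keys files, and UID-0 accounts whose shadow entry carries a usable password hash. The init-hook path list is a hypothetical set of common embedded-Linux locations.

```python
"""Audit an extracted firmware root filesystem for an undocumented SSH service.
Added example for this advisory; not AHA!'s or Bin4ry's tooling. The path list
and the sample rootfs built below are constructed, not from Yarbo firmware."""
import re
import tempfile
from pathlib import Path

# Boot-time hooks that (re)start services on every boot; any of these referencing
# an SSH daemon is a finding because the service comes back after each reboot.
INIT_LOCATIONS = (
    "etc/init.d", "etc/rc.local", "etc/rcS.d", "etc/rc5.d",
    "etc/systemd/system", "lib/systemd/system", "etc/inittab",
)
SSH_DAEMON_RE = re.compile(r"\b(sshd|dropbear|dropbearmulti|tinysshd)\b")
LOCKED_HASH_RE = re.compile(r"^(|\*|!.*)$")  # '', '*', '!', '!!', '!$6$...' are locked


def _files_under(rootfs: Path, rel: str):
    p = rootfs / rel
    if p.is_file():
        yield p
    elif p.is_dir():
        yield from (f for f in p.rglob("*") if f.is_file())


def find_ssh_starters(rootfs: Path) -> list[str]:
    """Init scripts, units or inittab entries that launch an SSH daemon."""
    hits = set()
    for rel in INIT_LOCATIONS:
        for f in _files_under(rootfs, rel):
            try:
                text = f.read_text(errors="replace")
            except OSError:
                continue
            if SSH_DAEMON_RE.search(text):
                hits.add(f.relative_to(rootfs).as_posix())
    return sorted(hits)


def find_authorized_keys(rootfs: Path) -> list[str]:
    """Non-empty authorized_keys files anywhere in the image (pre-installed keys)."""
    return sorted(
        f.relative_to(rootfs).as_posix()
        for f in rootfs.rglob("authorized_keys")
        if f.is_file() and f.stat().st_size > 0
    )


def find_uid0_with_password(rootfs: Path) -> list[str]:
    """UID-0 accounts whose /etc/shadow entry is not locked (a usable hash)."""
    passwd, shadow = rootfs / "etc/passwd", rootfs / "etc/shadow"
    if not (passwd.is_file() and shadow.is_file()):
        return []
    uid0 = set()
    for line in passwd.read_text(errors="replace").splitlines():
        fields = line.split(":")
        if len(fields) >= 3 and fields[2] == "0":
            uid0.add(fields[0])
    usable = []
    for line in shadow.read_text(errors="replace").splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and fields[0] in uid0 and not LOCKED_HASH_RE.match(fields[1]):
            usable.append(fields[0])
    return sorted(usable)


def audit(rootfs: Path) -> dict:
    return {
        "ssh_starters": find_ssh_starters(rootfs),
        "authorized_keys": find_authorized_keys(rootfs),
        "uid0_with_password": find_uid0_with_password(rootfs),
    }


def build_sample_rootfs() -> Path:
    """Constructed stand-in for an extracted image; contents are illustrative only."""
    root = Path(tempfile.mkdtemp(prefix="rootfs-"))
    files = {
        "etc/init.d/S50dropbear": "#!/bin/sh\n[ -x /usr/sbin/dropbear ] && dropbear -r /etc/dropbear/host_key\n",
        "etc/init.d/S40network": "#!/bin/sh\nifup -a\n",
        "etc/passwd": "root:x:0:0:root:/root:/bin/sh\nsvc:x:0:0::/:/bin/sh\nnobody:x:65534:65534::/:/bin/false\n",
        "etc/shadow": "root:$6$constructed$notARealHash:19000:0:99999:7:::\nsvc:!:19000:0:99999:7:::\nnobody:*:19000:0:99999:7:::\n",
        "root/.ssh/authorized_keys": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA... constructed@example\n",
    }
    for rel, content in files.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(content)
    return root


if __name__ == "__main__":
    for key, value in audit(build_sample_rootfs()).items():
        print(f"{key}: {value}")
```

Run it against a real image by passing the directory produced by your extraction tool to `audit()`; a hit in `ssh_starters` combined with a non-empty `uid0_with_password` or `authorized_keys` list is the pattern this advisory describes. The second UID-0 account in the constructed sample (`svc`, locked) is there only to show that a locked hash is not reported.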
Attacker Value#
An attacker who can reach the device either directly or through the supplied NAT-punching proxy and provide a valid username and password can immediately obtain a persistent, privileged foothold on the robot via the undocumented backdoor. With that foothold the attacker can read sensitive telemetry and internal state, run arbitrary commands as root, and install or restore components that survive reboots and firmware updates.
When combined with the hardcoded credential described in CVE-2026-7414, an attacker has effectively unfettered access to the target robot, across the internet. When combined with CVE-2026-7415 (open MQTT orchestration) the attacker can locate specific robots to target with this vulnerability. In short, these issues together allow trivial unauthorized persistent control, fleet-wide compromise, and widespread data exposure.
Mitigation and remediation#
- Vendor action required: remove the undocumented service, provide a documented authentication mechanism, and ensure firmware updates/factory resets effectively remove legacy/backdoor components.
- Temporary mitigations: block the service's listening port at the network perimeter (host or network firewall), isolate devices on segmented networks, and monitor for unexpected outbound connections from devices. Because the service is reachable through the NAT-punching proxy, and NAT traversal relies on the robot initiating outbound connections, inbound filtering alone does not prevent relayed access; restricting the device's egress to an allowlist of known vendor destinations is what closes that path, and unexpected long-lived outbound sessions are the signal to watch for.
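Detection logic for the outbound-monitoring mitigation, as an added example that is not part of the original advisory: it scans flow records for robot-originated connections to destinations outside an allowlist and calls out SSH-port and long-lived sessions, which is what a shell relayed through a NAT-punching proxy looks like from the LAN side. The log format, the device subnet, the addresses and the allowlist are all constructed for the example.

```python
"""Flag unexpected outbound connections from robot hosts in flow records.
Added example; the record format, subnet, addresses and allowlist are constructed."""
import ipaddress
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Constructed record format: "<ts> <src>:<sport> -> <dst>:<dport> <proto> dur=<seconds>"
FLOW_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+):(?P<sport>\d+)\s+->\s+(?P<dst>\S+):(?P<dport>\d+)"
    r"\s+(?P<proto>tcp|udp)\s+dur=(?P<dur>\d+)$"
)

# Constructed: the VLAN the robots live on (TEST-NET-1) and the only destinations
# they legitimately need (a vendor API on 443 and an NTP server), both in TEST-NET-3.
DEVICE_NET = ipaddress.ip_network("192.0.2.0/24")
ALLOWED_DESTS = {("203.0.113.10", 443), ("203.0.113.20", 123)}


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    dst: str
    dport: int
    proto: str
    duration_s: int


def parse_flow(line: str) -> Optional[Flow]:
    """Return a Flow for a well-formed record, None for anything else."""
    m = FLOW_RE.match(line.strip())
    if not m:
        return None
    return Flow(m["ts"], m["src"], m["dst"], int(m["dport"]), m["proto"], int(m["dur"]))


def find_unexpected_egress(
    lines: Iterable[str],
    device_net: ipaddress.IPv4Network = DEVICE_NET,
    allowed: set = ALLOWED_DESTS,
    min_duration_s: int = 300,
) -> List[Tuple[Flow, str]]:
    """Robot-originated flows to destinations off the allowlist, with a reason string.

    SSH-port and long-lived sessions are annotated because a relayed interactive
    shell shows up as a single long outbound connection to an unfamiliar host."""
    findings = []
    for line in lines:
        flow = parse_flow(line)
        if flow is None:
            continue
        if ipaddress.ip_address(flow.src) not in device_net:
            continue  # not a robot; out of scope for this check
        if (flow.dst, flow.dport) in allowed:
            continue
        reason = "dest not in allowlist"
        if flow.dport == 22:
            reason += "; ssh port"
        if flow.duration_s >= min_duration_s:
            reason += "; long-lived (possible relay tunnel)"
        findings.append((flow, reason))
    return findings


# Constructed sample: two legitimate flows, one long-lived relay-style session,
# one SSH connection, one non-robot host, and one malformed line.
SAMPLE_LOG = """\
2026-05-01T10:00:00Z 192.0.2.15:51234 -> 203.0.113.10:443 tcp dur=3
2026-05-01T10:00:05Z 192.0.2.15:123 -> 203.0.113.20:123 udp dur=0
2026-05-01T10:01:00Z 192.0.2.15:41002 -> 198.51.100.77:7000 tcp dur=5400
2026-05-01T10:02:00Z 192.0.2.16:40001 -> 198.51.100.9:22 tcp dur=12
2026-05-01T10:03:00Z 10.0.0.5:52000 -> 198.51.100.77:7000 tcp dur=20
this line is not a flow record
"""

if __name__ == "__main__":
    for flow, reason in find_unexpected_egress(SAMPLE_LOG.splitlines()):
        print(f"{flow.ts} {flow.src} -> {flow.dst}:{flow.dport} ({reason})")
```

Feed it whatever your firewall or flow collector emits by adjusting `FLOW_RE`; the allowlist should be built from what the robot is observed to contact during a normal update cycle, and anything outside it is what the firewall egress policy should drop as well as what this check reports.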
Proof-of-concept#
See Bin4ry's original write-up, "Yarbo - NAT in my Back Yard", for the full disclosure details.
Timeline#
- 2026-March: Initial analysis of the vendor-supplied Android APK
- 2026-April: Initial analysis of the vendor-supplied robot filesystem
- 2026-Apr-12 (Sun): Initial outreach to the vendor and AHA!
- 2026-Apr-29 (Wed): CVE-2026-7413 reserved
- 2026-Apr-30 (Thu): Demonstrated at AHA! meeting 0x00eb
- 2026-May-07 (Thu): Public disclosure of CVE-2026-7413
Credit#
Reported by Andreas Makris (aka Bin4ry), demonstrated and disclosed through AHA!.
