Description

A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates.

PUBLISHED Reserved 2026-04-29 | Published 2026-05-07 | Updated 2026-05-07 | Assigner AHA




HIGH: 7.2 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-912 Hidden Functionality

Product status

Default status
unaffected

Any version
affected

Credits

Andreas Makris (aka Bin4ry) finder

todb of AHA! coordinator

References

github.com/Bin4ry/yarbo-nat-in-my-back-yard third-party-advisory

takeonme.org/...00000000000000000000000000000000000000000111 third-party-advisory

cve.org (CVE-2026-7413)

nvd.nist.gov (CVE-2026-7413)
