securityonline.info 7/10/2026, 6:50:57 PM · external

Critical flaw in Gardyn IoT Hub lets attackers run code remotely

Critical flaw in Gardyn IoT Hub lets attackers run code remotely
Developing story vulnerability 2 articles tracked
Critical flaw in Gardyn IoT Hub lets attackers run code remotely
CyberSIXT Evidence Panel
Primary Source mygardyn.com
CISA KEV Not in KEV
Patch Patch Status Unknown

THE Gardyn IoT Hub has three critical vulnerabilities (CVE-2026-13768, CVE-2026-55726, CVE-2026-54477) that can affect its smart gardening devices, with CVE-2026-13768 scoring 10.0 (critical) on the CVSS scale, enabling remote code execution via hard-coded credentials. No exploitation has been confirmed, but patches are available, urging users to update to master.627 and 2.12.2026 versions.

The flaws expose sensitive information and increase the risk of malicious access, especially with over 138,000 devices registered. Maintenance of security practices, such as keeping devices off public networks, is recommended.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline