German Researcher Exposes Remote Takeover Vulnerability in 11,000 Yarbo Robots

Security researcher Andreas Makris discovered that all Yarbo robot lawn mowers share identical hardcoded root passwords, enabling remote device control across 11,000 deployed units worldwide. The flaw also exposes users' Wi-Fi credentials, creating broader network compromise risk. Yarbo's modular yard robots—200-pound machines capable of lawn mowing, snow blowing, and leaf clearing—operate through cloud connectivity now proven vulnerable to unauthorized access. The vulnerability represents a fundamental authentication failure in devices the company markets as premium solutions with comprehensive warranty coverage.