CVE-2026-25197

CRITICAL

Gardyn Cloud API Authorization Bypass Through User-Controlled Key

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-25197. PoCs published by MichaelAdamGroberman.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2026-25197, an IDOR vulnerability in Gardyn's Cloud API. It includes affected endpoints, data exposure details, and remediation steps, but does not contain functional exploit code.

Description

A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call.

Exploits (1)

nomisec WRITEUP 1 stars

by MichaelAdamGroberman · poc

https://github.com/MichaelAdamGroberman/CVE-2026-25197

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2026-25197, an IDOR vulnerability in Gardyn's Cloud API. It includes affected endpoints, data exposure details, and remediation steps, but does not contain functional exploit code.

Classification

Writeup 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Gardyn Cloud API < 2.12.2026

Auth required

Prerequisites: Authenticated user access to the API

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Apr 07, 2026 Full analysis →

References (3)

Core 3

Core References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-055-03

https://mygardyn.com/security/

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-055-03.json

View Writeup ZIP pw:eip

Scores

CVSS v3 9.1

EPSS 0.0004

EPSS Percentile 12.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-639

Status published

Products (2)

Gardyn/Cloud API < 2.12.2026

mygardyn/cloud_api < 2.12.2026

Published Apr 03, 2026

Tracked Since Apr 04, 2026