Mygardyn: >> Cloud Api Security Vulnerabilities
A specific administrative endpoint is accessible without proper authentication, exposing device management functions.
CVSS Score
8.7
EPSS Score
0.001
Published
2026-04-03
Development and test API endpoints are present that mirror production functionality.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-04-03
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication.
CVSS Score
9.2
EPSS Score
0.001
Published
2026-04-03
A specific administrative endpoint notifications is accessible without proper authentication.
CVSS Score
6.9
EPSS Score
0.001
Published
2026-04-03
A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-04-03