cbcvebase.
CVE-2025-29629
published 2025-07-25

CVE-2025-29629: Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 use weak default credentials for…

PriorityP358critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
0.47%
37.1th percentile
Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 use weak default credentials for secure shell access. This may result in attackers gaining access to exposed Gardyn Home Kits.

Affected

1 ranges
VendorProductVersion rangeFixed in
gardynhome_kit_firmware< master.619master.619
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.