CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

115 matches found

RedhatCVE•added 2025/10/13 11:23 p.m.•5 views

CVE-2025-11650

A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. Executing manipulation can lead to use of weak hash. The physical device can be targeted for the attack. The attack requires a...

4CVSS5.9AI score0.00011EPSS

Exploits1References1

RedhatCVE•added 2025/10/13 11:23 p.m.•4 views

CVE-2025-11649

A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Root Account Handler. Performing manipulation results in use of hard-coded password. The attack must be initiated from a local position. The attack is considered to have hig...

7.3CVSS5.8AI score0.00021EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 10:23 p.m.•5 views

CVE-2025-11647

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

6.8CVSS3.6AI score0.00048EPSS

Exploits1References1

RedhatCVE•added 2025/10/13 9:29 p.m.•3 views

CVE-2025-11646

A vulnerability was detected in Tomofun Furbo 360 and Furbo Mini. This vulnerability affects unknown code of the component GATT Service. The manipulation results in improper access controls. The attack can only be performed from the local network. The exploit is now public and may be used. The...

8.1CVSS6.3AI score0.00032EPSS

Exploits1References1

RedhatCVE•added 2025/10/13 8:23 p.m.•2 views

CVE-2025-11644

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

4.2CVSS3.8AI score0.00027EPSS

Exploits1References1

RedhatCVE•added 2025/10/13 8:23 p.m.•3 views

CVE-2025-11643

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. Affected by this vulnerability is an unknown functionality of the file /squashfs-root/furboimg of the component MQTT Client Certificate. Performing manipulation results in hard-coded credentials. The attack may be initiated...

8.1CVSS6.3AI score0.00056EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 7:24 p.m.•3 views

CVE-2025-11642

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected is an unknown function of the component Registration Handler. Such manipulation leads to denial of service. The attack can be executed directly on the physical device. The attack requires a high level of complexity. The...

4.1CVSS6AI score0.00019EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 7:24 p.m.•9 views

CVE-2025-11641

A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown function of the component Trial Restriction Handler. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The attack is considered to have high...

6.4CVSS6.2AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 6:22 p.m.•5 views

CVE-2025-11640

A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. This affects an unknown function of the component Bluetooth Low Energy. The manipulation results in cleartext transmission of sensitive information. Access to the local network is required for this attack. Attacks of this nature are...

5.3CVSS6.1AI score0.00011EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 6:22 p.m.•4 views

CVE-2025-11639

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file collectlogs.sh of the component Debug Log S3 Bucket Handler. The manipulation leads to insecure storage of sensitive information. An attack has to be approached locally. The...

5.5CVSS6.3AI score0.00024EPSS

Exploits1References1

RedhatCVE•added 2025/10/13 5:26 p.m.•1 views

CVE-2025-11638

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Bluetooth Handler. Executing manipulation can lead to denial of service. The attacker needs to be present on the local network. The firmware versions determined to be affected a...

6.5CVSS6AI score0.0007EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 1:28 p.m.•2 views

CVE-2025-11634

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown part of the component UART Interface. The manipulation results in information disclosure. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited...

4.6CVSS3.4AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 12:22 p.m.•1 views

CVE-2025-11633

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is the function uploadfiletos3 of the file collectlogs.sh of the component HTTP Traffic Handler. The manipulation leads to improper certificate validation. The attack may be initiated remotely. The attack i...

6.3CVSS4.5AI score0.00051EPSS

Exploits0References1