Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/10/13 10:23 p.m.6 views

CVE-2025-11648

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...

7.4CVSS5.4AI score0.00416EPSS
Exploits1References1
NVD
NVD
added 2025/10/12 10:15 p.m.5 views

CVE-2025-11648

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...

7.4CVSS0.00416EPSS
Exploits1References4
CVE
CVE
added 2025/10/12 9:2 p.m.11 views

CVE-2025-11646

CVE-2025-11646 affects Tomofun Furbo 360 (FB0035_FW_036 and earlier) and Furbo Mini (MC0020_FW_074 and earlier). The issue arises from improper access controls in the GATT Service component, enabling a local‑network attack. Public exploits are available. Remediation per PT Security advisory: upda...

8.1CVSS6AI score0.00503EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/10/12 8:15 p.m.4 views

CVE-2025-11644

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

4.2CVSS5.2AI score0.00251EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/10/12 6:32 p.m.4 views

CVE-2025-11641 Tomofun Furbo 360/Furbo Mini Trial Restriction access control

A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown function of the component Trial Restriction Handler. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The attack is considered to have high...

3.9CVSS5.8AI score0.00166EPSS
Exploits0References3
OSV
OSV
added 2025/10/12 6:15 p.m.6 views

CVE-2025-11640

A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. This affects an unknown function of the component Bluetooth Low Energy. The manipulation results in cleartext transmission of sensitive information. Access to the local network is required for this attack. Attacks of this nature are...

5.3CVSS5.4AI score0.00195EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/12 3:30 p.m.7 views

EUVD-2025-33897

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown part of the component UART Interface. The manipulation results in information disclosure. An attack on the physical device is feasible. The firmware versions determined to be affected are Furbo 360 up...

2.4CVSS3.2AI score0.00173EPSS
Exploits0References4
OSV
OSV
added 2025/10/12 1:15 p.m.5 views

CVE-2025-11634

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown part of the component UART Interface. The manipulation results in information disclosure. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited...

4.6CVSS5.2AI score
Exploits0References3
Cvelist
Cvelist
added 2025/10/12 12:2 p.m.8 views

CVE-2025-11633 Tomofun Furbo 360/Furbo Mini HTTP Traffic collect_logs.sh upload_file_to_s3 certificate validation

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is the function uploadfiletos3 of the file collectlogs.sh of the component HTTP Traffic Handler. The manipulation leads to improper certificate validation. The attack may be initiated remotely. The attack i...

6.3CVSS0.00235EPSS
Exploits0References3
Rows per page
Query Builder