EUVD-2025-33892

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component HTTP Traffic Handler. The manipulation leads to improper certificate validation. The attack may be initiated remotely. The attack is considered to have high...

CVE-2025-11633 Tomofun Furbo 360/Furbo Mini HTTP Traffic collect_logs.sh upload_file_to_s3 certificate validation

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is the function uploadfiletos3 of the file collectlogs.sh of the component HTTP Traffic Handler. The manipulation leads to improper certificate validation. The attack may be initiated remotely. The attack i...

CVE-2025-11633

The CVE describes a trust-management issue in Tomofun Furbo 360 and Furbo Mini stemming from improper certificate validation in the HTTP Traffic Handler component, specifically the collect_logs.sh upload_file_to_s3 function. Affected firmware: Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC...

Tomofun Furbo 360和Tomofun Furbo Mini 信任管理问题漏洞

Tomofun Furbo 360 and Tomofun Furbo Mini are both smart pet cameras from Tomofun Corporation of Taiwan, China. A trust management issue vulnerability exists in Tomofun Furbo 360 FB0035FW036 and earlier versions and Tomofun Furbo Mini MC0020FW074 and earlier versions, which stems from improper...