Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/13 12:30 a.m.6 views

EUVD-2025-33911

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

3.1CVSS5.1AI score0.00516EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/13 12:30 a.m.7 views

EUVD-2025-33915

A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. Executing manipulation can lead to use of weak hash. The physical device can be targeted for the attack. The attack requires a...

1.8CVSS5.5AI score0.00142EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/12 10:32 p.m.16 views

CVE-2025-11649 Tomofun Furbo 360/Furbo Mini Root Account hard-coded password

A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Root Account Handler. Performing manipulation results in use of hard-coded password. The attack must be initiated from a local position. The attack is considered to have hig...

7.3CVSS0.0013EPSS
Exploits0References4
OSV
OSV
added 2025/10/12 10:15 p.m.6 views

CVE-2025-11648

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...

7.4CVSS5AI score0.00416EPSS
Exploits1References4
OSV
OSV
added 2025/10/12 10:15 p.m.4 views

CVE-2025-11647

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

6.8CVSS5.3AI score0.00516EPSS
Exploits1References4
CVE
CVE
added 2025/10/12 9:2 p.m.12 views

CVE-2025-11646

CVE-2025-11646 affects Tomofun Furbo 360 (FB0035_FW_036 and earlier) and Furbo Mini (MC0020_FW_074 and earlier). The issue arises from improper access controls in the GATT Service component, enabling a local‑network attack. Public exploits are available. Remediation per PT Security advisory: upda...

8.1CVSS6AI score0.00503EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2025/10/12 6:32 p.m.24 views

CVE-2025-11641

CVE-2025-11641 (Tomofun Furbo 360/ Mini) affects the Trail Restriction Handler component, causing improper access controls. Affects Furbo 360 < FB0035_FW_036 and Furbo Mini

6.4CVSS4.4AI score0.00166EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/12 12:2 p.m.6 views

CVE-2025-11633 Tomofun Furbo 360/Furbo Mini HTTP Traffic collect_logs.sh upload_file_to_s3 certificate validation

A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is the function uploadfiletos3 of the file collectlogs.sh of the component HTTP Traffic Handler. The manipulation leads to improper certificate validation. The attack may be initiated remotely. The attack i...

6.3CVSS4.5AI score0.00235EPSS
Exploits0References3
Rows per page
Query Builder