CVE-2025-11641

A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown function of the component Trial Restriction Handler. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The attack is considered to have high...

CVE-2025-11634

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown part of the component UART Interface. The manipulation results in information disclosure. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited...

CVE-2025-11646 Tomofun Furbo 360/Furbo Mini GATT Service access control

A vulnerability was detected in Tomofun Furbo 360 and Furbo Mini. This vulnerability affects unknown code of the component GATT Service. The manipulation results in improper access controls. The attack can only be performed from the local network. The exploit is now public and may be used. The...

CVE-2025-11643

A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. Affected by this vulnerability is an unknown functionality of the file /squashfs-root/furboimg of the component MQTT Client Certificate. Performing manipulation results in hard-coded credentials. The attack may be initiated...

CVE-2025-11644 Tomofun Furbo 360/Furbo Mini UART sensitive information

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

Tomofun Furbo 360和Tomofun Furbo Mini 信任管理问题漏洞

Tomofun Furbo 360 and Tomofun Furbo Mini are both smart pet cameras from Tomofun Corporation of Taiwan, China. A trust management issue vulnerability exists in Tomofun Furbo 360 FB0035FW036 and earlier versions and Tomofun Furbo Mini MC0020FW074 and earlier versions, which stems from improper...