Tomofun Furbo 360 up to FB0035_FW_036 Account Handler server-side request forgery

A vulnerability classified as problematic has been found in Tomofun Furbo 360 up to FB0035_FW_036. Affected is an unknown function of the component Account Handler. The manipulation leads to server-side request forgery. Using CWE to declare the problem leads to CWE-918. The bug was discovered 05/15/2025. The weakness was published 10/11/2025 by Calvin Star and Julian B (skelet4r and dead1nfluence) with Software Secured. The vulnerability is known as CVE-2025-11636. The attack can be launched remotely. Beyond the proof-of-concept steps recorded in the entry, no technical details are available. Furthermore, there is an exploit available. The current price for an exploit might be approx. USD $0-$5k. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 148 days. During that time the estimated underground price was around $0-$5k.
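The entry classifies the flaw as a server-side request forgery: a URL that reaches the backend through an authenticated Furbo account session is handed to the device, which fetches it without checking where it points. The block below is an added example, not Tomofun's code and not part of the advisory, of the allowlist check that a backend (or the firmware itself) should apply to such a URL before anything is downloaded. The host name media.furbo.example, the function names and the sample URLs are assumptions constructed for illustration.

```python
"""Allowlist check for a device-fetch URL (added example, not vendor code).

The advisory says the Furbo downloads a file from whatever URL arrives with
the "record my own treat toss sound" request, so a compromised account can
point the device at an attacker's server. The check below accepts only
https URLs whose host is exactly one of the vendor's own media hosts.
"""
from dataclasses import dataclass
from ipaddress import ip_address
from urllib.parse import urlsplit

# Assumed vendor media host; the real host names are not given in the advisory.
ALLOWED_SOUND_HOSTS = frozenset({"media.furbo.example"})
ALLOWED_SCHEME = "https"
ALLOWED_PORT = 443


@dataclass(frozen=True)
class Verdict:
    ok: bool
    reason: str


def validate_sound_url(url: str, allowed_hosts=ALLOWED_SOUND_HOSTS) -> Verdict:
    """Return Verdict(ok=True) only for https://<allowlisted host>[:443]/... URLs."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError as exc:
        return Verdict(False, f"unparseable URL: {exc}")

    if parts.scheme.lower() != ALLOWED_SCHEME:
        return Verdict(False, f"scheme {parts.scheme!r} not allowed")
    if parts.username is not None or parts.password is not None:
        # "https://media.furbo.example@attacker.example/" actually targets attacker.example
        return Verdict(False, "userinfo in URL not allowed")
    host = parts.hostname  # lower-cased, brackets stripped from IPv6 literals
    if not host:
        return Verdict(False, "missing host")
    try:
        ip_address(host)
        # e.g. 169.254.169.254 or ::1; the device should never be pointed at raw IPs
        return Verdict(False, "IP literal not allowed")
    except ValueError:
        pass
    if host not in allowed_hosts:
        # exact match: media.furbo.example.attacker.example and
        # evil-media.furbo.example are both rejected
        return Verdict(False, f"host {host!r} not in allowlist")
    if port is not None and port != ALLOWED_PORT:
        return Verdict(False, f"port {port} not allowed")
    return Verdict(True, "ok")


# Constructed sample inputs: one legitimate URL and the shapes an attacker
# who controls the request (as in the Frida-hooked app of the PoC) might send.
SAMPLE_URLS = [
    "https://media.furbo.example/sounds/treat1.m4a",
    "https://attacker.example/payload.bin",
    "http://media.furbo.example/sounds/treat1.m4a",
    "https://media.furbo.example@attacker.example/payload.bin",
    "https://media.furbo.example.attacker.example/payload.bin",
    "https://169.254.169.254/latest/meta-data/",
    "https://[::1]/payload.bin",
    "https://media.furbo.example:8443/payload.bin",
]


def triage(urls=SAMPLE_URLS) -> dict:
    """Map each URL to its verdict, for review or logging."""
    return {u: validate_sound_url(u) for u in urls}


if __name__ == "__main__":
    for url, verdict in triage().items():
        print(f"{'ALLOW ' if verdict.ok else 'REJECT'} {url}  ({verdict.reason})")
```

The check has to run where the URL is consumed, on the backend that relays it to the device or in the firmware that performs the download. The proof-of-concept hooks the mobile app with Frida, so any validation done only inside the app is bypassed by construction.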


Entry history: five updates were recorded for this entry (1/5: 10/12/2025 05:57 PM; 2/5: 10/12/2025 06:45 PM; 3/5: 10/16/2025 07:41 AM; 4/5: 10/16/2025 07:44 AM; 5/5: 10/31/2025 04:51 AM). The fields are listed below by how they developed across those updates.

Fields present with the same value in all five updates:

software_vendor: Tomofun
software_name: Furbo 360
software_version: <=FB0035_FW_036
software_component: Account Handler
vulnerability_cwe: CWE-918 (Server-Side Request Forgery)
vulnerability_risk: 2
source_cve: CVE-2025-11636
cna_responsible: VulDB
response_summary: The vendor was contacted early about this disclosure but did not respond in any way.
advisory_date: 1760133600 (10/11/2025)
price_0day: $0-$5k
cve_nvd_summary: A security vulnerability has been detected in Tomofun Furbo 360 up to FB0035_FW_036. This issue affects some unknown processing of the component Account Handler. Such manipulation leads to server-side request forgery. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
cvss2_vuldb_av=N, cvss2_vuldb_ac=H, cvss2_vuldb_au=N, cvss2_vuldb_ci=P, cvss2_vuldb_ii=P, cvss2_vuldb_ai=P (CVSS v2 AV:N/AC:H/Au:N/C:P/I:P/A:P); cvss2_vuldb_rl=ND, cvss2_vuldb_rc=ND; cvss2_vuldb_basescore: 5.1
cvss3_vuldb_av=N, cvss3_vuldb_ac=H, cvss3_vuldb_pr=N, cvss3_vuldb_ui=N, cvss3_vuldb_s=U, cvss3_vuldb_c=L, cvss3_vuldb_i=L, cvss3_vuldb_a=L (CVSS v3 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L); cvss3_vuldb_rl=X, cvss3_vuldb_rc=X; cvss3_vuldb_basescore: 5.6
cvss4_vuldb_av=N, cvss4_vuldb_ac=H, cvss4_vuldb_at=N, cvss4_vuldb_pr=N, cvss4_vuldb_ui=N, cvss4_vuldb_vc=L, cvss4_vuldb_vi=L, cvss4_vuldb_va=L, cvss4_vuldb_sc=N, cvss4_vuldb_si=N, cvss4_vuldb_sa=N (CVSS v4 AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N); cvss4_vuldb_e=X; cvss4_vuldb_bscore: 6.3
cvss2_cna_av=N, cvss2_cna_ac=H, cvss2_cna_au=N, cvss2_cna_ci=P, cvss2_cna_ii=P, cvss2_cna_ai=P (CVSS v2 AV:N/AC:H/Au:N/C:P/I:P/A:P); cvss2_cna_basescore: 5.1
cvss3_cna_av=N, cvss3_cna_ac=H, cvss3_cna_pr=N, cvss3_cna_ui=N, cvss3_cna_s=U, cvss3_cna_c=L, cvss3_cna_i=L, cvss3_cna_a=L (CVSS v3 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L); cvss3_cna_basescore: 5.6
cvss4_cna_av=N, cvss4_cna_ac=H, cvss4_cna_at=N, cvss4_cna_pr=N, cvss4_cna_ui=N, cvss4_cna_vc=L, cvss4_cna_vi=L, cvss4_cna_va=L, cvss4_cna_sc=N, cvss4_cna_si=N, cvss4_cna_sa=N (CVSS v4 AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N); cvss4_cna_bscore: 6.3

Fields first recorded in a later update and unchanged afterwards:

From update 2/5:
euvd_id: EUVD-2025-33899

From update 3/5:
advisory_disputed: 0
advisory_falsepositive: 0
advisory_freeform (en): An attacker who compromises the Furbo account of a legitimate user can coerce the device to make a request to an attacker-controlled server by modifying the URL which is sent during the recording of a new treat toss sound. The end result is that the Furbo will download a file from the attacker's server.
exploit_availability: 1
exploit_publicity: 0
exploit_wormified: 0
exploit_freeform (en):
1. Create a Frida script that hooks the treat toss service and replaces the URL with an attacker-controlled URL.
2. Start the Furbo app and the Frida server on a jailbroken phone.
3. Run the Frida script.
4. In the Furbo app, navigate to the Furbo device settings.
5. Select Treat Toss Sound and enable "Record My Own Sound".
6. Record a short audio clip and swipe right to push the change.
7. On the attacker-controlled server, observe the inbound request from the Furbo device.
person_name: Calvin Star/Julian B
person_nickname: skelet4r/dead1nfluence
company_name: Software Secured
company_website: https://www.softwaresecured.com/blog
software_type: Firmware Software
vulnerability_historic: 0
vulnerability_discoverydate: 1747332000 (05/15/2025)
vulnerability_vendorinformdate: 1750539600 (06/21/2025)
advisory_confirm_date: 1751509800 (07/03/2025)

From update 5/5:
cvss3_nvd_av=N, cvss3_nvd_ac=H, cvss3_nvd_pr=N, cvss3_nvd_ui=N, cvss3_nvd_s=U, cvss3_nvd_c=H, cvss3_nvd_i=H, cvss3_nvd_a=H (CVSS v3 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H); cvss3_nvd_basescore: 8.1

Fields whose value changed between updates:

Field                 | 1/5 | 2/5 | 3/5 | 4/5 | 5/5
cvss2_vuldb_e         | ND  | ND  | ND  | POC | POC
cvss2_vuldb_tempscore | 5.1 | 5.1 | 5.1 | 5.1 | 4.6
cvss3_vuldb_e         | X   | X   | X   | P   | P
cvss3_vuldb_tempscore | 5.6 | 5.6 | 5.6 | 5.3 | 5.3
cvss3_meta_basescore  | 5.6 | 5.6 | 5.6 | 5.6 | 6.4
cvss3_meta_tempscore  | 5.6 | 5.6 | 5.6 | 5.4 | 6.3
cvss4_vuldb_btscore   | 6.3 | 6.3 | 6.3 | 2.9 | 2.9
