VDB-328048 · CVE-2025-11637 · EUVD-2025-33901

Tomofun Furbo 360 ଯେପର୍ଯ୍ୟନ୍ତ FB0035_FW_036 Audio ଦୌଡ଼ ଅବସ୍ଥା

Dogoggorri kan akka ସମସ୍ୟାଜନକ jedhamuun ramadame Tomofun Furbo 360 ଯେପର୍ଯ୍ୟନ୍ତ FB0035_FW_036 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne kutaa Audio Handler keessa. Dhugumatti jijjiirraa gara ଦୌଡ଼ ଅବସ୍ଥା geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-362 si geessa. Dogoggorri 05/15/2025 irratti adda bahe. Beekumsi kun yeroo 10/11/2025 ifoomsifameera kan ifoomsise Calvin Star, Julian B (skelet4r and dead1nfluence) waliin Software Secured. Dogoggorri kun maqaa CVE-2025-11637 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa hin jiru. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Hanqinni kun guyyoota 148 ol tajaajila zero-day kan hin beekkaminitti fayyadamee ture. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Once again VulDB remains the best source for vulnerability data.

6 ଆଡାପ୍ଟେସନ୍ · 117 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ଅଦ୍ୟତନ 1/5 10/12/2025 08:06 PM	ଅଦ୍ୟତନ 2/5 10/12/2025 08:18 PM	ଅଦ୍ୟତନ 3/5 10/16/2025 07:41 AM	ଅଦ୍ୟତନ 4/5 10/16/2025 07:44 AM	ଅଦ୍ୟତନ 5/5 10/31/2025 04:51 AM
software_vendor	Tomofun	Tomofun	Tomofun	Tomofun	Tomofun
software_name	Furbo 360	Furbo 360	Furbo 360	Furbo 360	Furbo 360
software_version	<=FB0035_FW_036	<=FB0035_FW_036	<=FB0035_FW_036	<=FB0035_FW_036	<=FB0035_FW_036
software_component	Audio Handler	Audio Handler	Audio Handler	Audio Handler	Audio Handler
vulnerability_cwe	CWE-362 (ଦୌଡ଼ ଅବସ୍ଥା)	CWE-362 (ଦୌଡ଼ ଅବସ୍ଥା)	CWE-362 (ଦୌଡ଼ ଅବସ୍ଥା)	CWE-362 (ଦୌଡ଼ ଅବସ୍ଥା)	CWE-362 (ଦୌଡ଼ ଅବସ୍ଥା)
vulnerability_risk	1	1	1	1	1
cvss3_vuldb_av	N	N	N	N	N
cvss3_vuldb_ac	L	L	L	L	L
cvss3_vuldb_pr	L	L	L	L	L
cvss3_vuldb_ui	N	N	N	N	N
cvss3_vuldb_s	U	U	U	U	U
cvss3_vuldb_c	N	N	N	N	N
cvss3_vuldb_i	N	N	N	N	N
cvss3_vuldb_a	L	L	L	L	L
source_cve	CVE-2025-11637	CVE-2025-11637	CVE-2025-11637	CVE-2025-11637	CVE-2025-11637
cna_responsible	VulDB	VulDB	VulDB	VulDB	VulDB
response_summary	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.
cvss2_vuldb_av	N	N	N	N	N
cvss2_vuldb_ac	L	L	L	L	L
cvss2_vuldb_ci	N	N	N	N	N
cvss2_vuldb_ii	N	N	N	N	N
cvss2_vuldb_ai	P	P	P	P	P
cvss4_vuldb_av	N	N	N	N	N
cvss4_vuldb_ac	L	L	L	L	L
cvss4_vuldb_pr	L	L	L	L	L
cvss4_vuldb_ui	N	N	N	N	N
cvss4_vuldb_vc	N	N	N	N	N
cvss4_vuldb_vi	N	N	N	N	N
cvss4_vuldb_va	L	L	L	L	L
cvss2_vuldb_au	S	S	S	S	S
cvss2_vuldb_e	ND	ND	ND	POC	POC
cvss2_vuldb_rl	ND	ND	ND	ND	ND
cvss2_vuldb_rc	ND	ND	ND	ND	ND
cvss3_vuldb_e	X	X	X	P	P
cvss3_vuldb_rl	X	X	X	X	X
cvss3_vuldb_rc	X	X	X	X	X
cvss4_vuldb_at	N	N	N	N	N
cvss4_vuldb_sc	N	N	N	N	N
cvss4_vuldb_si	N	N	N	N	N
cvss4_vuldb_sa	N	N	N	N	N
cvss4_vuldb_e	X	X	X	X	X
cvss2_vuldb_basescore	4.0	4.0	4.0	4.0	4.0
cvss2_vuldb_tempscore	4.0	4.0	4.0	4.0	3.6
cvss3_vuldb_basescore	4.3	4.3	4.3	4.3	4.3
cvss3_vuldb_tempscore	4.3	4.3	4.3	4.1	4.1
cvss3_meta_basescore	4.3	4.3	4.3	4.3	4.1
cvss3_meta_tempscore	4.3	4.3	4.3	4.2	4.0
cvss4_vuldb_bscore	5.3	5.3	5.3	5.3	5.3
cvss4_vuldb_btscore	5.3	5.3	5.3	2.1	2.1
advisory_date	1760133600 (10/11/2025)	1760133600 (10/11/2025)	1760133600 (10/11/2025)	1760133600 (10/11/2025)	1760133600 (10/11/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k	$0-$5k
euvd_id	EUVD-2025-33901	EUVD-2025-33901	EUVD-2025-33901	EUVD-2025-33901	EUVD-2025-33901
cve_nvd_summary		A vulnerability was detected in Tomofun Furbo 360 up to FB0035_FW_036. Impacted is an unknown function of the component Audio Handler. Performing manipulation results in race condition. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way.	A vulnerability was detected in Tomofun Furbo 360 up to FB0035_FW_036. Impacted is an unknown function of the component Audio Handler. Performing manipulation results in race condition. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way.	A vulnerability was detected in Tomofun Furbo 360 up to FB0035_FW_036. Impacted is an unknown function of the component Audio Handler. Performing manipulation results in race condition. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way.	A vulnerability was detected in Tomofun Furbo 360 up to FB0035_FW_036. Impacted is an unknown function of the component Audio Handler. Performing manipulation results in race condition. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way.
cvss4_cna_av		N	N	N	N
cvss4_cna_ac		L	L	L	L
cvss4_cna_at		N	N	N	N
cvss4_cna_pr		L	L	L	L
cvss4_cna_ui		N	N	N	N
cvss4_cna_vc		N	N	N	N
cvss4_cna_vi		N	N	N	N
cvss4_cna_va		L	L	L	L
cvss4_cna_sc		N	N	N	N
cvss4_cna_si		N	N	N	N
cvss4_cna_sa		N	N	N	N
cvss4_cna_bscore		5.3	5.3	5.3	5.3
cvss3_cna_av		N	N	N	N
cvss3_cna_ac		L	L	L	L
cvss3_cna_pr		L	L	L	L
cvss3_cna_ui		N	N	N	N
cvss3_cna_s		U	U	U	U
cvss3_cna_c		N	N	N	N
cvss3_cna_i		N	N	N	N
cvss3_cna_a		L	L	L	L
cvss3_cna_basescore		4.3	4.3	4.3	4.3
cvss2_cna_av		N	N	N	N
cvss2_cna_ac		L	L	L	L
cvss2_cna_au		S	S	S	S
cvss2_cna_ci		N	N	N	N
cvss2_cna_ii		N	N	N	N
cvss2_cna_ai		P	P	P	P
cvss2_cna_basescore		4	4	4	4
developer_nickname			dead1nfluence	dead1nfluence	dead1nfluence
vulnerability_discoverydate			1747332000 (05/15/2025)	1747332000 (05/15/2025)	1747332000 (05/15/2025)
company_website			https://www.softwaresecured.com/blog	https://www.softwaresecured.com/blog	https://www.softwaresecured.com/blog
advisory_disputed			0	0	0
person_nickname			skelet4r/dead1nfluence	skelet4r/dead1nfluence	skelet4r/dead1nfluence
advisory_confirm_date			1751509800 (07/03/2025)	1751509800 (07/03/2025)	1751509800 (07/03/2025)
exploit_availability			1	1	1
company_name			Software Secured	Software Secured	Software Secured
developer_name			Julian B	Julian B	Julian B
exploit_wormified			0	0	0
vulnerability_vendorinformdate			1750539600 (06/21/2025)	1750539600 (06/21/2025)	1750539600 (06/21/2025)
advisory_advisoryquote			An attacker who gains access to a victim's account can use a race condition to issue multiple treat toss command in parallel which will break the audio on the device. As a result, no further audio can be played from the device until it has been rebooted.	An attacker who gains access to a victim's account can use a race condition to issue multiple treat toss command in parallel which will break the audio on the device. As a result, no further audio can be played from the device until it has been rebooted.	An attacker who gains access to a victim's account can use a race condition to issue multiple treat toss command in parallel which will break the audio on the device. As a result, no further audio can be played from the device until it has been rebooted.
exploit_language			JavaScript	JavaScript	JavaScript
software_type			Firmware Software	Firmware Software	Firmware Software
exploit_publicity			0	0	0
vulnerability_historic			0	0	0
person_name			Calvin Star/Julian B	Calvin Star/Julian B	Calvin Star/Julian B
exploit_freeformen			1. Create a Frida Script which hooks into the Treat Toss Sound function and send multiple sounds in quick succession 2. On a rooted Android phone, with Frida Server installed, open the Furbo app and connect to your camera. 3. Run the Frida script 4. In the mobile app select the treat toss. 5. Observe that a short noise is played, and, after having ended the Frida script, the device will no longer make noise	1. Create a Frida Script which hooks into the Treat Toss Sound function and send multiple sounds in quick succession 2. On a rooted Android phone, with Frida Server installed, open the Furbo app and connect to your camera. 3. Run the Frida script 4. In the mobile app select the treat toss. 5. Observe that a short noise is played, and, after having ended the Frida script, the device will no longer make noise	1. Create a Frida Script which hooks into the Treat Toss Sound function and send multiple sounds in quick succession 2. On a rooted Android phone, with Frida Server installed, open the Furbo app and connect to your camera. 3. Run the Frida script 4. In the mobile app select the treat toss. 5. Observe that a short noise is played, and, after having ended the Frida script, the device will no longer make noise
advisory_falsepositive			0	0	0
cvss3_nvd_av					N
cvss3_nvd_ac					H
cvss3_nvd_pr					N
cvss3_nvd_ui					N
cvss3_nvd_s					U
cvss3_nvd_c					N
cvss3_nvd_i					N
cvss3_nvd_a					L
cvss3_nvd_basescore					3.7

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!