Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-11638

Опубликовано: 12 окт. 2025
Источник: nvd
CVSS3: 4.3
CVSS3: 6.5
CVSS2: 3.3
EPSS Низкий

Описание

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Bluetooth Handler. Executing manipulation can lead to denial of service. The attacker needs to be present on the local network. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:furbo:furbo_mini_firmware:*:*:*:*:*:*:*:*
Версия до 074 (включая)
cpe:2.3:h:furbo:furbo_mini:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:furbo:furbo_360_dog_camera_firmware:*:*:*:*:*:*:*:*
Версия до 036 (включая)
cpe:2.3:h:furbo:furbo_360_dog_camera:*:*:*:*:*:*:*:*

EPSS

Процентиль: 16%
0.00051
Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-404

Связанные уязвимости

github логотип

GHSA-g7j9-5xxp-qjf3

CVSS3: 4.3
github
4 месяца назад

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Bluetooth Handler. Executing manipulation can lead to denial of service. The attacker needs to be present on the local network. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.

EPSS

Процентиль: 16%
0.00051
Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-404