CNNVD-202510-1590 Information
CNNVD ID
CNNVD-202510-1590
Related CVE
- CNNVD Published: 2025-10-12
Description (Chinese)
Tomofun Furbo 360和Tomofun Furbo Mini都是中国台湾Tomofun公司的一款智能宠物摄像机。 Tomofun Furbo 360 FB0035_FW_036及之前版本和Tomofun Furbo Mini MC0020_FW_074及之前版本存在访问控制错误漏洞,该漏洞源于对组件GATT Service中参数DeviceToken的错误操作,可能导致信息泄露。
Description (English)
Tomofun Furbo 360 and Tomofun Furbo Mini are smart pet cameras from Tomofun, Taiwan, China. Tomofun Furbo 360 FB0035 FW 036 et seq. and Tomofun Furbo Mini MC0020 FW 074 et seq. have access control bugs, which are the result of an error on the parameter DeviceToken in component GATT Service, which may lead to the disclosure of information.
Hazard Level
Critical
Vulnerability Type
访问控制错误
Affected Vendor
Tomofun
Published
2025-10-12
Last Modified
2026-02-24
References
https://vuldb.com/?id.328058 https://github.com/dead1nfluence/Furbo-Advisories/blob/main/Information-Disclosure-DeviceToken.md https://vuldb.com/?ctiid.328058 https://vuldb.com/?submit.662767 https://access.redhat.com/security/cve/cve-2025-11647
Share on: