Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tomofun — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting Tomofun. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Tomofun:Furbo 360Furbo Mobile App
CVE IDTitleCVSSSeverityPublished
CVE-2025-11650 Tomofun Furbo 360/Furbo Mini Password shadow weak hash — Furbo 360CWE-328 1.8 Low2025-10-12
CVE-2025-11649 Tomofun Furbo 360/Furbo Mini Root Account hard-coded password — Furbo 360CWE-259 7.0 High2025-10-12
CVE-2025-11648 Tomofun Furbo 360/Furbo Mini GATT Interface URL TF_FQDN.json server-side request forgery — Furbo 360CWE-918 5.6 Medium2025-10-12
CVE-2025-11647 Tomofun Furbo 360/Furbo Mini GATT Service information disclosure — Furbo 360CWE-200 3.1 Low2025-10-12
CVE-2025-11646 Tomofun Furbo 360/Furbo Mini GATT Service access control — Furbo 360CWE-284 6.3 Medium2025-10-12
CVE-2025-11645 Tomofun Furbo Mobile App Authentication Token sensitive information — Furbo Mobile AppCWE-922 2.4 Low2025-10-12
CVE-2025-11644 Tomofun Furbo 360/Furbo Mini UART sensitive information — Furbo 360CWE-922 2.0 Low2025-10-12
CVE-2025-11643 Tomofun Furbo 360/Furbo Mini MQTT Client Certificate furbo_img hard-coded credentials — Furbo 360CWE-798 3.7 Low2025-10-12
CVE-2025-11642 Tomofun Furbo 360/Furbo Mini Registration denial of service — Furbo 360CWE-404 4.0 Medium2025-10-12
CVE-2025-11641 Tomofun Furbo 360/Furbo Mini Trial Restriction access control — Furbo 360CWE-284 3.9 Low2025-10-12
CVE-2025-11640 Tomofun Furbo 360/Furbo Mini Bluetooth Low Energy cleartext transmission — Furbo 360CWE-319 3.1 Low2025-10-12
CVE-2025-11639 Tomofun Furbo 360/Furbo Mini Debug Log S3 Bucket collect_logs.sh sensitive information — Furbo 360CWE-922 3.3 Low2025-10-12
CVE-2025-11638 Tomofun Furbo 360/Furbo Mini Bluetooth denial of service — Furbo 360CWE-404 4.3 Medium2025-10-12
CVE-2025-11637 Tomofun Furbo 360 Audio race condition — Furbo 360CWE-362 4.3 Medium2025-10-12
CVE-2025-11636 Tomofun Furbo 360 Account server-side request forgery — Furbo 360CWE-918 5.6 Medium2025-10-12
CVE-2025-11635 Tomofun Furbo 360 File Upload resource consumption — Furbo 360CWE-400 4.3 Medium2025-10-12
CVE-2025-11634 Tomofun Furbo 360/Furbo Mini UART information disclosure — Furbo 360CWE-200 2.4 Low2025-10-12
CVE-2025-11633 Tomofun Furbo 360/Furbo Mini HTTP Traffic collect_logs.sh upload_file_to_s3 certificate validation — Furbo 360CWE-295 3.7 Low2025-10-12

This page lists every published CVE security advisory associated with Tomofun. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.