CVE-2025-11635

Published: Oct 12, 2025Modified: Oct 30, 2025

5.3

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: CNA (Secondary)

Description

A weakness has been identified in Tomofun Furbo 360 up to FB0035_FW_036. This vulnerability affects unknown code of the component File Upload. This manipulation causes resource consumption. Remote exploitation of the attack is possible. The vendor was contacted early about this disclosure but did not respond in any way.

Affected (1)

Products: Furbo: Furbo 360 Dog Camera Firmware

1 product

Furbo 360 Dog Camera Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Furbo Furbo 360 Dog Camera Firmware	Up to 036

Running on/with	Platform Versions
Furbo Furbo 360 Dog Camera	All versions

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

References (3)

https://vuldb.com/?ctiid.328046

Source: cna@vuldb.com

Permissions RequiredVDB Entry

https://vuldb.com/?id.328046

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.661354

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

Timeline

No history available yet.