Furbo 360 产品漏洞列表 / CVE 中文分析 17

Furbo 360 产品相关 17 条漏洞，AI 中文标题与摘要、CVSS、POC 一站汇总。

ベンダー: Tomofun

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2025-11650	Tomofun Furbo 360/Furbo Mini Password shadow weak hash CWE-328	1.8	Low	2025-10-12
CVE-2025-11649	Tomofun Furbo 360/Furbo Mini Root Account hard-coded password CWE-259	7.0	High	2025-10-12
CVE-2025-11648	Tomofun Furbo 360/Furbo Mini GATT Interface URL TF_FQDN.json server-side request forgery CWE-918	5.6	Medium	2025-10-12
CVE-2025-11647	Tomofun Furbo 360/Furbo Mini GATT Service information disclosure CWE-200	3.1	Low	2025-10-12
CVE-2025-11646	Tomofun Furbo 360/Furbo Mini GATT Service access control CWE-284	6.3	Medium	2025-10-12
CVE-2025-11644	Tomofun Furbo 360/Furbo Mini UART sensitive information CWE-922	2.0	Low	2025-10-12
CVE-2025-11643	Tomofun Furbo 360/Furbo Mini MQTT Client Certificate furbo_img hard-coded credentials CWE-798	3.7	Low	2025-10-12
CVE-2025-11642	Tomofun Furbo 360/Furbo Mini Registration denial of service CWE-404	4.0	Medium	2025-10-12
CVE-2025-11641	Tomofun Furbo 360/Furbo Mini Trial Restriction access control CWE-284	3.9	Low	2025-10-12
CVE-2025-11640	Tomofun Furbo 360/Furbo Mini Bluetooth Low Energy cleartext transmission CWE-319	3.1	Low	2025-10-12
CVE-2025-11639	Tomofun Furbo 360/Furbo Mini Debug Log S3 Bucket collect_logs.sh sensitive information CWE-922	3.3	Low	2025-10-12
CVE-2025-11638	Tomofun Furbo 360/Furbo Mini Bluetooth denial of service CWE-404	4.3	Medium	2025-10-12
CVE-2025-11637	Tomofun Furbo 360 Audio race condition CWE-362	4.3	Medium	2025-10-12
CVE-2025-11636	Tomofun Furbo 360 Account server-side request forgery CWE-918	5.6	Medium	2025-10-12
CVE-2025-11635	Tomofun Furbo 360 File Upload resource consumption CWE-400	4.3	Medium	2025-10-12
CVE-2025-11634	Tomofun Furbo 360/Furbo Mini UART information disclosure CWE-200	2.4	Low	2025-10-12
CVE-2025-11633	Tomofun Furbo 360/Furbo Mini HTTP Traffic collect_logs.sh upload_file_to_s3 certificate validation CWE-295	3.7	Low	2025-10-12

Furbo 360 产品累计公开 17 条 CVE 漏洞，本页提供按时间倒序的完整列表，包含 CVSS、CWE、AI 中文摘要与可获取的 POC 链接。