إرسال #661361: Tomofun Furbo 360 ≤ FB0035_FW_036 Server Side Request Forgeryالمعلومات

عنوانTomofun Furbo 360 ≤ FB0035_FW_036 Server Side Request Forgery
الوصفAn attacker who compromises the Furbo account of a legitimate user can coerce the device to make a request to an attacker-controlled server by modifying the URL which is sent during the recording of a new treat toss sound. The end result is that the Furbo will download a file from the attacker's server.
المستخدم
 jTag Labs (UID 51246)
ارسال23/09/2025 07:11 PM (7 أشهر منذ)
الاعتدال11/10/2025 08:33 PM (18 days later)
الحالةتمت الموافقة
إدخال VulDB328047 [Tomofun Furbo 360 حتى FB0035_FW_036 Account تجاوز الصلاحيات]
النقاط14

Want to stay up to date on a daily basis?

Enable the mail alert feature now!