Invia #661899: Tomofun Furbo Mobile Application ≤ 7.57.0a Insecure Storage of Sensitive Informationinformazioni

TitoloTomofun Furbo Mobile Application ≤ 7.57.0a Insecure Storage of Sensitive Information
DescrizioneAn attacker who obtains access to the device of a Furbo account owner may be able to retrieve the MFAAuthCode, Cognito Authentication token, as well as P2P authentication codes associated with the account from the device's memory. This information persists on the device after the mobile application has been closed.
Fonte⚠️ https://github.com/dead1nfluence/Furbo-Advisories/blob/main/Insecure.md
Utente
 jTag Labs (UID 51246)
Sottomissione24/09/2025 16:17 (9 mesi fa)
Moderazione11/10/2025 20:33 (17 days later)
StatoAccettato
Voce VulDB328056 [Tomofun Furbo Mobile App fino a 7.57.0a su Android Authentication Token rivelazione di informazioni]
Punti18

PrecedenteVisione D'ensembleIl prossimo

Might our Artificial Intelligence support you?

Check our Alexa App!