CVE-2025-11650 | Tomofun Furbo 360/Furbo Mini Password /etc/shadow weak hash

A vulnerability described as problematic has been identified in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. Executing manipulation can lead to use of weak hash.

This vulnerability is registered as CVE-2025-11650. The physical device can be targeted for the attack. Furthermore, an exploit is available.

The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More