PT-2025-41733 · Tomofun · Tomofun Furbo Mobile App
Calvin Star
+3
·
Published
2025-10-12
·
Updated
2025-10-12
·
CVE-2025-11645
CVSS v3.1
2.4
Low
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tomofun Furbo Mobile App versions through 7.57.0a
Description
A security issue has been identified in the Authentication Token Handler component of the Tomofun Furbo Mobile App on Android. The vulnerability involves insecure storage of sensitive information, potentially allowing for exploitation on a physical device. The exploit has been publicly disclosed. The vendor was informed of the issue but did not respond.
Recommendations
Update to a newer version of the Tomofun Furbo Mobile App that addresses this vulnerability.
Exploit
Fix
Information Disclosure
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tomofun Furbo Mobile App