CVE-2025-11636

5.6 MEDIUM

📋 TL;DR

This CVE describes a server-side request forgery (SSRF) vulnerability in Tomofun Furbo 360 pet cameras up to firmware version FB0035_FW_036. Attackers can exploit the Account Handler component to make the device send unauthorized requests to internal or external systems. All users of affected Furbo 360 devices with vulnerable firmware are impacted.

💻 Affected Systems

Products:
  • Tomofun Furbo 360
Versions: Up to firmware version FB0035_FW_036
Operating Systems: Embedded IoT firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running vulnerable firmware versions are affected. The vulnerability is in the Account Handler component.

📦 What is this software?

Tomofun Furbo 360 is a consumer Wi-Fi pet camera that is configured and updated through the Furbo mobile app.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could use the device as a proxy to attack internal network services, potentially accessing sensitive internal systems, exfiltrating data, or performing lateral movement within the network.

🟠

Likely Case

Attackers could use the device to probe the network it sits on and reach internal APIs or management interfaces that are not exposed externally; if the device is on a cloud-hosted network, that includes instance metadata endpoints.

🟢

If Mitigated

With proper network segmentation and egress filtering, the impact would be limited to the device itself and any directly accessible services.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No
Complexity: HIGH

The attack can be carried out remotely but is rated high complexity and difficult to exploit, and it is not unauthenticated. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: No fixed firmware version has been confirmed. Because the vendor did not respond to the disclosure, treat firmware newer than FB0035_FW_036 as unverified until the vendor's release notes state that this issue is addressed.

Vendor Advisory: None (vendor did not respond to the disclosure)

Restart Required: No

Instructions:

1. Check the current firmware version in the Furbo app.
2. If the version is FB0035_FW_036 or older, update to the latest firmware offered through the Furbo mobile app.
3. Verify that the update completes and that the reported version has changed.
4. If no newer firmware is offered, apply the workarounds below and keep the device isolated until one is.

🔧 Temporary Workarounds

Network Segmentation


Isolate Furbo devices on a separate VLAN or network segment to limit potential lateral movement.

Egress Filtering


Implement firewall rules that allow the device only the outbound traffic it needs (DNS to the local resolver, NTP, and HTTPS to the vendor cloud) and drop everything else, in particular any traffic from the device into private or link-local address space. Egress rules on the router only help if the device is on its own VLAN or subnet; on a shared segment it can reach other hosts without crossing the firewall.
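The following is an added example, not vendor code or anything from the original advisory. It assumes the Furbo sits alone on an IoT VLAN that is routed through a Linux firewall running nftables, and that the caller supplies the device IP and the VLAN's resolver (the addresses 192.168.50.10 and 192.168.50.1 used at the bottom are made up for illustration). The function prints a ruleset that permits DNS to the resolver, NTP and HTTPS to the internet, logs and drops anything the device sends toward RFC 1918 or link-local space, and logs and drops everything else.

```shell
#!/bin/sh
# Added example (not Tomofun's code). Assumptions: the device is alone on a
# routed IoT VLAN behind an nftables firewall; DEVICE_IP and RESOLVER_IP are
# supplied by the caller. Sample addresses below are constructed.

# Print an nftables ruleset confining outbound traffic from the Furbo device.
furbo_egress_rules() {
    dev="$1"; resolver="$2"
    [ -n "$dev" ] && [ -n "$resolver" ] || {
        echo "usage: furbo_egress_rules DEVICE_IP RESOLVER_IP" >&2
        return 1
    }
    cat <<EOF
table inet furbo_egress {
    chain forward {
        type filter hook forward priority 0; policy accept;

        # Normal device traffic: DNS to the LAN resolver only.
        ip saddr $dev ip daddr $resolver udp dport 53 accept
        ip saddr $dev ip daddr $resolver tcp dport 53 accept

        # Anything else aimed at private or link-local space is what an SSRF
        # pivot through the device looks like: log it, then drop it.
        ip saddr $dev ip daddr { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 } log prefix "furbo-lateral " drop

        # NTP and HTTPS to the public internet (private space already dropped).
        ip saddr $dev udp dport 123 accept
        ip saddr $dev tcp dport 443 accept

        # Default deny for the device, logged so the SIEM sees the attempts.
        ip saddr $dev log prefix "furbo-egress-deny " drop
    }
}
EOF
}

# Usage: generate the ruleset for the constructed device/resolver addresses.
furbo_egress_rules 192.168.50.10 192.168.50.1
```

Write the output to a file and check it with `nft -c -f <file>` before loading it with `nft -f <file>`; the two `log prefix` strings are what the detection section below keys on in the firewall log. If the device's own cloud endpoints use ports other than 443, add them explicitly rather than widening the accept rule.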

🧯 If You Can't Patch

  • Segment the Furbo device on an isolated network with strict egress filtering
  • Monitor network traffic from the device for unusual outbound connections

🔍 How to Verify

Check if Vulnerable:

Check firmware version in Furbo mobile app under Device Settings > Firmware Version. If version is FB0035_FW_036 or lower, device is vulnerable.

Check Version:

Check via Furbo mobile app: Device Settings > Firmware Version

Verify Fix Applied:

After updating, verify firmware version shows a version newer than FB0035_FW_036 in the Furbo app.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP/HTTPS requests from Furbo device IP
  • Requests to internal IP ranges or metadata services from device

Network Indicators:

  • HTTP requests from Furbo device to unexpected internal or external endpoints
  • Traffic patterns suggesting port scanning from device

SIEM Query:

source_ip="[FURBO_DEVICE_IP]" AND dest_ip!="[GATEWAY_IP]" AND dest_ip!="[DNS_RESOLVER_IP]" AND dest_ip=~"^(10\.|172\.(1[6-9]|2[0-9]|3[01])\.|192\.168\.|169\.254\.)"

Replace the bracketed placeholders with the device's address and the gateway and resolver it legitimately talks to; otherwise every DNS lookup raises an alert. Match the whole 172.16.0.0/12 range (172.16 through 172.31), not only 172.16.*, and do not key on dest_port<1024: the device's normal cloud traffic uses 443 and would drown the signal.
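The detection logic above, run over flow records as an added example (not the advisory's or vendor's code). It assumes flow lines of the form `timestamp,src_ip,dst_ip,proto,dst_port` such as a firewall or flow collector would export, and the constructed sample below places the Furbo at 192.168.50.10 on an IoT VLAN whose gateway and resolver are both 192.168.50.1. It emits a LATERAL line for each flow from the device into private or link-local space other than the gateway/resolver, and a SCAN line for any destination the device touched on five or more distinct ports.

```shell
#!/bin/sh
# Added example (not Tomofun's code). Assumptions: CSV flow records
# "timestamp,src_ip,dst_ip,proto,dst_port"; device, gateway and resolver IPs
# are passed in; optional 4th argument is the distinct-port scan threshold.

# Flag SSRF-style abuse of the device in a stream of flow records on stdin.
furbo_flags() {
    awk -F, -v dev="$1" -v gw="$2" -v dns="$3" -v thresh="${4:-5}" '
    # RFC 1918 plus 169.254.0.0/16 (which covers the 169.254.169.254 metadata
    # address). 172.16/12 is 172.16.x.x through 172.31.x.x, not just 172.16.*.
    function private(ip) {
        return ip ~ /^10\./ || ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./ ||
               ip ~ /^192\.168\./ || ip ~ /^169\.254\./
    }
    $2 == dev {
        if (private($3) && $3 != gw && $3 != dns)
            print "LATERAL", $1, $3 ":" $5
        key = $3 ":" $5
        if (!(key in seen)) { seen[key] = 1; nports[$3]++ }
    }
    END {
        for (d in nports)
            if (nports[d] >= thresh) print "SCAN", d, nports[d], "distinct ports"
    }'
}

# Constructed sample flows, not real telemetry: a DNS lookup and a cloud HTTPS
# session (benign), a sweep of five ports on a LAN host, a probe of the cloud
# metadata address, and a flow from a different host that must be ignored.
sample_flows() {
    cat <<'EOF'
2025-10-12T09:00:01Z,192.168.50.10,192.168.50.1,udp,53
2025-10-12T09:00:02Z,192.168.50.10,203.0.113.20,tcp,443
2025-10-12T09:00:03Z,192.168.50.10,192.168.1.20,tcp,80
2025-10-12T09:00:04Z,192.168.50.10,192.168.1.20,tcp,22
2025-10-12T09:00:05Z,192.168.50.10,192.168.1.20,tcp,445
2025-10-12T09:00:06Z,192.168.50.10,192.168.1.20,tcp,3389
2025-10-12T09:00:07Z,192.168.50.10,192.168.1.20,tcp,8080
2025-10-12T09:00:08Z,192.168.50.10,169.254.169.254,tcp,80
2025-10-12T09:00:09Z,192.168.50.11,192.168.1.20,tcp,80
EOF
}

# Usage: six LATERAL lines and one SCAN line for the sample above.
sample_flows | furbo_flags 192.168.50.10 192.168.50.1 192.168.50.1
```

Point the same function at real exports (`furbo_flags <dev> <gw> <dns> < flows.csv`) and tune the threshold to the segment; a quiet IoT VLAN tolerates a low value, while a device that legitimately talks to several LAN services needs those destinations added to the exclusions rather than a higher threshold.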

🔗 References
