CVE-2025-11649

7.0 HIGH

📋 TL;DR

An attacker who already has local access to a Tomofun Furbo pet camera can use a hard-coded password in the device's Root Account Handler component to log in as root, giving full control of the device. Furbo 360 and Furbo Mini cameras running the firmware versions listed below are affected.

💻 Affected Systems

Products:
  • Tomofun Furbo 360
  • Tomofun Furbo Mini
Versions: Furbo 360 up to FB0035_FW_036, Furbo Mini up to MC0020_FW_074
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running affected firmware versions are vulnerable by default. No special configuration required.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing attackers to gain root access, install malware, intercept camera feeds, or use the device as a foothold into the local network.

🟠

Likely Case

Local attackers gaining administrative control of the camera device, potentially accessing video feeds or device settings.

🟢

If Mitigated

With the camera on an isolated network segment and physical access to it controlled, a compromised camera cannot be used as a pivot into other systems; the attack vector is local and the attack complexity is rated high.

🌐 Internet-Facing: LOW - The attack vector is local: the attacker needs access to the device itself, so this is not remotely exploitable over the internet.
🏢 Internal Only: MEDIUM - Being on the same network is not enough; the attacker needs local access to the device (for example physical access or an existing foothold on it). Attack complexity is rated high.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNCONFIRMED (exploit details are public; no weaponized tooling is documented here)
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local access to the device and technical knowledge. Exploit details have been disclosed publicly; the vendor was contacted about the disclosure but did not respond.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: N/A (no fix has been published)

Instructions:

No official patch is available and the vendor has not responded to the disclosure. Monitor the vendor's website and the Furbo app for firmware updates and apply them when released; until a release note names this issue, treat any new firmware as unconfirmed rather than as a fix.

🔧 Temporary Workarounds

Network Segmentation

Applies to: all affected models

Isolate Furbo cameras on a separate VLAN or network segment that can reach only the vendor cloud and nothing else on your network, so a compromised camera cannot be used for lateral movement.

Physical Security Controls

Applies to: all affected models

Restrict physical access to the devices and keep them in locations you control, since the attack vector is local to the device.

🧯 If You Can't Patch

  • Replace affected devices with a product whose vendor publishes security advisories and firmware fixes if the camera's placement is security-relevant (a newer Furbo model is not known to be fixed)
  • Disable any camera features and integrations you do not use to reduce the device's attack surface

🔍 How to Verify

Check if Vulnerable:

Check firmware version in Furbo app settings: Settings > Device Info > Firmware Version

Check Version:

No CLI command available. Use Furbo mobile app to check firmware version.

Verify Fix Applied:

Confirm the firmware version is above FB0035_FW_036 for Furbo 360 or above MC0020_FW_074 for Furbo Mini. Because no fixed version has been published, a higher version number shows only that the device is outside the reported affected range, not that the hard-coded password has been removed.
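The version check above, as an added example that is not the vendor's or this page's own code: it parses firmware strings of the form `<model>_FW_<nnn>` (an assumption drawn from the two version strings on this page), compares each device against the affected ceilings, and deliberately reports anything above the ceiling as "newer-unconfirmed" rather than "fixed". The inventory records and device names are constructed.

```python
"""Classify Furbo firmware versions against the CVE-2025-11649 affected range.

Added example, not Tomofun's code. The "<model>_FW_<nnn>" string layout is an
assumption based on the two version strings in the advisory; the inventory
below is constructed sample data.
"""
import re
from typing import NamedTuple, Optional, Tuple

# Highest firmware build reported as affected, per hardware model prefix.
AFFECTED_CEILING = {"FB0035": 36, "MC0020": 74}
MODEL_NAME = {"FB0035": "Furbo 360", "MC0020": "Furbo Mini"}

# Two letters + four digits, "_FW_", three-digit build number (assumed format).
_FW_RE = re.compile(r"^(?P<model>[A-Z]{2}\d{4})_FW_(?P<build>\d{3})$")


class Verdict(NamedTuple):
    device: str
    status: str   # "affected" | "newer-unconfirmed" | "unknown-model" | "unparsable"
    detail: str


def parse_firmware(fw: str) -> Optional[Tuple[str, int]]:
    """Return (model_prefix, build_number) or None if the string does not fit."""
    m = _FW_RE.match(fw.strip().upper())
    if not m:
        return None
    return m.group("model"), int(m.group("build"))


def classify(device: str, fw: str) -> Verdict:
    parsed = parse_firmware(fw)
    if parsed is None:
        return Verdict(device, "unparsable", f"cannot parse {fw!r}")
    model, build = parsed
    ceiling = AFFECTED_CEILING.get(model)
    if ceiling is None:
        return Verdict(device, "unknown-model", f"{model} not listed in advisory; check manually")
    if build <= ceiling:
        return Verdict(device, "affected", f"{MODEL_NAME[model]} build {build} <= {ceiling}")
    # No fixed version has been published, so newer is not the same as fixed.
    return Verdict(device, "newer-unconfirmed",
                   f"{MODEL_NAME[model]} build {build} > {ceiling}; no vendor fix confirmed")


# Constructed inventory: hypothetical device names and version strings.
INVENTORY = [
    ("kitchen-cam", "FB0035_FW_036"),   # at the ceiling: affected
    ("hall-cam", "FB0035_FW_037"),      # above the ceiling: not confirmed fixed
    ("office-mini", "mc0020_fw_070"),   # lowercase as an app might show it: affected
    ("lab-unit", "XX9999_FW_001"),      # model not in the advisory
    ("mystery", "1.2.3"),               # does not fit the assumed format
]


def report(inventory=INVENTORY):
    """Classify every device; callers decide what to do with each status."""
    return [classify(device, fw) for device, fw in inventory]


if __name__ == "__main__":
    for v in report():
        print(f"{v.device:12} {v.status:18} {v.detail}")
```

Anything that comes back as "newer-unconfirmed" or "unknown-model" still needs a manual check against the vendor's release notes once they exist.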

📡 Detection & Monitoring

Log Indicators (these apply only if you can read the device's own logs, for example over a console session or a syslog forward; consumer cameras do not ship logs to a SIEM by default):

  • A successful root login on the device. A hard-coded password needs no guessing, so do not rely on a burst of failed attempts preceding it.
  • Unexpected processes or shells running as root on the device

Network Indicators:

  • Outbound connections from Furbo devices to destinations other than the vendor's cloud service
  • Connections from a camera to other internal hosts, which a pet camera has no reason to make and which would indicate lateral movement

SIEM Query (source and field names are placeholders; map them to your own log schema):

source="furbo*" AND (event_type="authentication" AND result="success" AND user="root")
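The detection logic above, as an added example that is not from this page or the vendor: the first function mirrors the SIEM query over authentication log lines, and the second applies the network indicators to flow records, flagging camera-sourced traffic that goes to other internal hosts or to non-allowlisted external destinations. The log formats, host names, camera subnet, gateway and allowlisted destination are all assumptions, and the sample lines are constructed.

```python
"""Run the CVE-2025-11649 detection indicators over constructed sample data.

Added example, not vendor code. Every format and address here is an
assumption: adapt AUTH_RE/FLOW_RE to what your log pipeline emits, and fill
CAMERA_NET, CAMERA_GW and ALLOWED_DST from your own network baseline.
"""
import ipaddress
import re
from typing import List, Tuple

CAMERA_NET = ipaddress.ip_network("10.20.30.0/24")       # assumed camera VLAN
CAMERA_GW = ipaddress.ip_address("10.20.30.1")           # assumed gateway/DNS for that VLAN
# Destinations the cameras legitimately talk to (assumed; TEST-NET-3 stands in
# for the vendor cloud, which you would baseline from normal traffic).
ALLOWED_DST = [ipaddress.ip_network("203.0.113.0/24")]
# RFC 1918 ranges, listed explicitly rather than via is_private(), because
# Python's is_private() also covers the TEST-NET documentation ranges.
LOCAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

AUTH_RE = re.compile(r"host=(?P<host>\S+) event_type=(?P<ev>\S+) user=(?P<user>\S+) result=(?P<res>\S+)")
FLOW_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")


def root_logins(lines: List[str]) -> List[str]:
    """Equivalent of the SIEM query: successful authentication as root on a furbo* host."""
    hits = []
    for line in lines:
        m = AUTH_RE.search(line)
        if not m:
            continue
        if (m["host"].startswith("furbo") and m["ev"] == "authentication"
                and m["user"] == "root" and m["res"] == "success"):
            hits.append(m["host"])
    return hits


def unexpected_outbound(lines: List[str]) -> List[Tuple[str, str, int, str]]:
    """Flag camera-sourced flows that are lateral (to internal hosts) or non-allowlisted egress."""
    alerts = []
    for line in lines:
        m = FLOW_RE.search(line)
        if not m:
            continue
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
        if src not in CAMERA_NET:
            continue                      # only camera traffic is in scope here
        if dst == CAMERA_GW or any(dst in n for n in ALLOWED_DST):
            continue                      # gateway services and vendor cloud are expected
        if any(dst in n for n in LOCAL_NETS):
            alerts.append((str(src), str(dst), int(m["dport"]), "lateral"))
        else:
            alerts.append((str(src), str(dst), int(m["dport"]), "non-allowlisted egress"))
    return alerts


# Constructed sample input (hypothetical hosts, addresses and timestamps).
AUTH_LOG = [
    "2025-10-13T09:01:02Z host=furbo-kitchen event_type=authentication user=root result=success",
    "2025-10-13T09:01:05Z host=furbo-kitchen event_type=authentication user=admin result=failure",
    "2025-10-13T09:02:00Z host=nas01 event_type=authentication user=root result=success",
]
FLOW_LOG = [
    "src=10.20.30.15 dst=203.0.113.10 dport=443",    # vendor cloud: expected
    "src=10.20.30.15 dst=10.20.30.1 dport=53",       # gateway DNS: expected
    "src=10.20.30.15 dst=192.168.1.40 dport=445",    # camera -> internal file server: lateral
    "src=10.20.30.15 dst=198.51.100.7 dport=4444",   # camera -> unknown external host: egress
    "src=192.168.1.40 dst=198.51.100.7 dport=443",   # not a camera: out of scope
]

if __name__ == "__main__":
    print("root logins:", root_logins(AUTH_LOG))
    for alert in unexpected_outbound(FLOW_LOG):
        print("flow alert:", alert)
```

The network check is the one most likely to be actionable, since it needs only flow or firewall logs from the segment the cameras sit on, not logs from the device itself.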
