Server-side request forgery in Tomofun Furbo 360 and Furbo Mini dog cameras allows remote attackers to manipulate the TF_FQDN.json configuration file via the GATT Interface URL Handler, enabling arbitrary internal network requests with low confidentiality and integrity impact. Affected firmware versions are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. Publicly available exploit code exists, though the attack requires high complexity and is not actively exploited at scale per EPSS data (0.06%, percentile 18%).
Path traversal in RainyGao DocSys up to version 2.02.36 allows authenticated remote attackers to manipulate the 'path' parameter in the updateRealDoc function (/Doc/uploadDoc.do) to write files outside intended directories. The vulnerability affects the file upload component and has publicly available exploit code, though the low CVSS score (2.1) and minimal EPSS (0.12%) indicate limited real-world impact despite confirmed public exploitability.
Path traversal in RainyGao DocSys up to version 2.02.36 allows authenticated remote attackers to manipulate the path argument in the /Doc/deleteDoc.do endpoint, enabling deletion or access to arbitrary files outside the intended directory. The vulnerability has been publicly disclosed with exploit code available on GitHub, though the vendor has not responded to early disclosure notifications. EPSS exploitation probability is low at 0.11%, and no active exploitation in CISA KEV has been reported.
SQL injection in RainyGao DocSys up to version 2.02.36 allows authenticated remote attackers to execute arbitrary SQL queries via the getUserList function in /Manage/getUserList.do, enabling unauthorized data access with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, and the vendor did not respond to early disclosure notification.
Improper access controls in the GATT Service of Tomofun Furbo 360 and Furbo Mini dog cameras allow local network attackers to disclose sensitive information without authentication. Affected firmware versions are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. Publicly available exploit code exists, though the low CVSS score of 2.1 and minimal EPSS (0.03%) reflect the local network-only attack vector and information disclosure impact.
Information disclosure vulnerability in Tomofun Furbo 360 and Furbo Mini dog cameras allows local network attackers to extract sensitive DeviceToken data via manipulation of GATT Service arguments. The attack requires high technical complexity and adjacency to the target network. Publicly available exploit code exists; however, the extremely low EPSS score (0.03%) and requirement for local network access and high attack complexity suggest limited real-world exploitation likelihood despite POC availability.
Insecure storage of sensitive information in Tomofun Furbo 360 and Furbo Mini dog cameras via UART interface allows physical attackers to extract unencrypted credentials and private data from firmware versions Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vulnerability requires physical device access and high technical complexity but publicly available exploit code exists. Vendor did not respond to early disclosure notification.
Weak cryptographic hash implementation in Tomofun Furbo 360 and Furbo Mini firmware allows local attackers with low privileges to compromise password security through use of insecure encryption algorithms in the password handler. The vulnerability affects Furbo 360 up to firmware version FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. Publicly available exploit code exists, though real-world exploitation requires physical device access and high technical complexity.
SQL injection in jimit105 Project-Online-Shopping-Website allows high-privilege remote attackers to manipulate the product_code parameter in /delete.php, enabling unauthorized query execution against the backend database. The vulnerability affects an unknown function of the Product Inventory Handler component and requires administrative credentials (PR:H). Exploit code has been published, though active exploitation remains unconfirmed by CISA KEV. EPSS score of 0.02% indicates minimal real-world exploitation probability despite CVE assignment.
Insecure storage of authentication tokens in Tomofun Furbo Mobile App for Android up to version 7.57.0a allows local attackers with physical device access to extract sensitive credential information from the device storage. The vulnerability affects the Authentication Token Handler component and has been publicly disclosed with exploit details available. Despite early vendor contact, no patch or remediation response has been provided by Tomofun.