Tomofun Furbo 360 Race Condition Vulnerability in Audio Handler Component

Vulnerability

A race condition vulnerability has been identified in the Tomofun Furbo 360 camera, specifically in versions up to FB0035_FW_036. The issue arises within an unknown function of the Audio Handler component, where improper synchronization allows for concurrent code execution that can disrupt the device's audio playback. This vulnerability can be exploited remotely, and an attacker with access to a victim's account could send multiple treat toss commands simultaneously, causing a temporary audio failure that persists until the device is rebooted.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the device's audio playback, requiring a reboot to restore functionality.

Added: Oct 12, 2025, 5:17 PM

Updated: Oct 12, 2025, 5:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tomofun Furbo 360 Race Condition Vulnerability in Audio Handler Component

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating