Tomofun Furbo 360 and Furbo Mini Bluetooth Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in certain firmware versions of the Tomofun Furbo 360 and Furbo Mini devices. The issue arises from an unknown function within the Bluetooth handler component, which can be manipulated to disrupt the device's normal operation. An attacker must be present on the local network to exploit this vulnerability. Affected firmware versions include Furbo 360 through FB0035_FW_036 and Furbo Mini through MC0020_FW_074.
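An added example, not part of the original advisory or any Tomofun tooling: a small triage helper that checks firmware identifiers from a device inventory against the affected ranges stated above. It assumes identifiers follow the `<prefix>_FW_<build>` layout seen in the advisory and that build numbers only increase; the device names and the newer builds in the sample inventory are constructed.

```python
import re

# Last affected build per product line, taken from the advisory text.
LAST_AFFECTED = {
    "FB0035": ("Furbo 360", 36),
    "MC0020": ("Furbo Mini", 74),
}

# Assumed layout: <hardware prefix>_FW_<zero-padded build number>.
FIRMWARE_RE = re.compile(r"^([A-Z]{2}\d{4})_FW_(\d+)$")


def classify(firmware_id):
    """Return 'affected', 'not-listed' or 'unknown' for one firmware string."""
    match = FIRMWARE_RE.match(firmware_id.strip().upper())
    if match is None:
        return "unknown"  # malformed or differently formatted string
    prefix, build = match.group(1), int(match.group(2))
    if prefix not in LAST_AFFECTED:
        return "unknown"  # product line the advisory does not cover
    _, last_build = LAST_AFFECTED[prefix]
    # "through" is inclusive; assumes build numbers only ever increase.
    # 'not-listed' means above the stated range, not confirmed fixed.
    return "affected" if build <= last_build else "not-listed"


def triage(inventory):
    """Map device name -> status for a {name: firmware_id} inventory."""
    return {name: classify(fw) for name, fw in inventory.items()}


# Constructed sample inventory (device names and newer builds are made up).
SAMPLE_INVENTORY = {
    "lobby-cam": "FB0035_FW_036",
    "kennel-cam": "FB0035_FW_041",
    "office-mini": "mc0020_fw_074 ",
    "spare-mini": "MC0020_FW_075",
    "old-unit": "firmware 2.1",
}

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name:12} {SAMPLE_INVENTORY[name].strip():16} {status}")
```

Devices reported as `unknown` need a manual check, since their firmware string could not be matched to either product line.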
Impact
Exploitation of this vulnerability causes the affected Furbo device to disconnect from its Wi-Fi network, a disruption that persists until the device is manually rebooted by the owner. This is particularly concerning as Furbo devices are marketed as security tools, potentially elevating the impact of this vulnerability.
Reproduction
To reproduce this vulnerability, a Python script can be executed that connects to the affected Furbo device via Bluetooth. Once connected, the script can send a command that disconnects the device from its Wi-Fi network. The disconnection remains in effect until the device is rebooted by the owner.
