Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.8 views

CVE-2026-10872

A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function startvpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used...

8.6CVSS6.8AI score0.02635EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.9 views

CVE-2026-10870

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS6.7AI score0.02199EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34339

A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function startvpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used...

8.6CVSS6.8AI score0.02635EPSS
Exploits0References7
NVD
NVD
added 2026/06/04 11:16 p.m.7 views

CVE-2026-10873

A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstatspath of the file /bin/rstats of the component Web UI. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

8.6CVSS0.02695EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/04 10:30 p.m.34 views

CVE-2026-10873 Shibby Tomato Web UI rstats rstats_path os command injection

A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstatspath of the file /bin/rstats of the component Web UI. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

8.6CVSS0.02695EPSS
Exploits0References7
CVE
CVE
added 2026/06/04 10:30 p.m.15 views

CVE-2026-10873

The CVE-2026-10873 entry pertains to Shibby Tomato 1.28.0000, where the rstats_path function in /bin/rstats of the Web UI is vulnerable. The underlying issue enables an os command injection, with remote attack potential. Public exploit details exist per the connected CVE listing, and the project ...

8.6CVSS6.8AI score0.02695EPSS
Exploits0References7
NVD
NVD
added 2026/06/04 9:16 p.m.16 views

CVE-2026-10870

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS0.02199EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/04 8:30 p.m.14 views

EUVD-2026-34323

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS6.8AI score0.02199EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.21 views

PT-2026-46399

A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstats path of the file /bin/rstats of the component Web UI. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

8.6CVSS6.8AI score0.02695EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.14 views

CVE-2026-10069

A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects produc...

8.7CVSS6.7AI score0.00438EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/30 3:45 p.m.7 views

CVE-2026-10124

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function ripzebrareadipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

9CVSS7.7AI score0.00472EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/30 3:45 p.m.38 views

CVE-2026-10124 Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function ripzebrareadipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

9CVSS0.00472EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.10 views

PT-2026-45103

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip zebra read ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

9CVSS7.7AI score0.00472EPSS
Exploits0References5
NVD
NVD
added 2026/05/29 4:16 p.m.18 views

CVE-2026-10068

A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...

7.5CVSS0.00278EPSS
Exploits0References4
NVD
NVD
added 2026/05/29 4:16 p.m.13 views

CVE-2026-10067

A vulnerability was detected in Shibby Tomato 1.28. Impacted is the function sub90F0 of the file multimon.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are...

9CVSS0.00438EPSS
Exploits0References4
NVD
NVD
added 2026/05/29 4:16 p.m.11 views

CVE-2026-10069

A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects produc...

8.7CVSS0.00438EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/29 4:0 p.m.10 views

CVE-2026-10069 Shibby Tomato miniupnpd resource consumption

A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects produc...

8.7CVSS6.7AI score0.00438EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/29 4:0 p.m.33 views

CVE-2026-10069 Shibby Tomato miniupnpd resource consumption

A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects produc...

8.7CVSS0.00438EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/29 3:45 p.m.12 views

EUVD-2026-33345

A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...

7.5CVSS5.6AI score0.00278EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/29 3:45 p.m.33 views

CVE-2026-10068 Shibby Tomato SUBSCRIBE Call miniupnpd send server-side request forgery

A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...

7.5CVSS0.00278EPSS
Exploits0References4
Rows per page
Query Builder