86 matches found
CVE-2026-10870
A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...
CVE-2026-10065
A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function getupsfield of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...
EUVD-2026-34339
A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function startvpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used...
CVE-2026-10872
A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function startvpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used...
CVE-2026-10124
A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function ripzebrareadipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-10124
CVE-2026-10124 affects Shibby Tomato up to version 1.28. The vulnerability targets the function rip_zebra_read_ipv4 in /usr/sbin/ripd (Zserv Handler) and can cause a stack-based buffer overflow via remote impact. Public exploit has been disclosed. The project is superseded by FreshTomato and appl...
CVE-2026-10124
A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function ripzebrareadipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-10124 Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow
A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function ripzebrareadipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-10069 Shibby Tomato miniupnpd resource consumption
A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects produc...
CVE-2026-10068 Shibby Tomato SUBSCRIBE Call miniupnpd send server-side request forgery
A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...
CVE-2026-10066
The CVE concerns Shibby Tomato versions up to 1.28, specifically the UPS Service component. It affects the function sub_9068 in tomatoups.cgi, causing a stack-based buffer overflow that can be triggered remotely. The project is superseded by FreshTomato and targets products no longer supported by...
PT-2026-44884
A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function get ups field of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded b...
RUSTSEC-2026-0054 `tokio-current-thread` is unmaintained
The tokio-current-thread crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
RUSTSEC-2026-0061 `tokio-fs` is unmaintained
The tokio-fs crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
RUSTSEC-2026-0063 `tokio-executor` is unmaintained
The tokio-executor crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
RUSTSEC-2026-0055 `tokio-process` is unmaintained
The tokio-process crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
`tokio-signal` is unmaintained
The tokio-signal crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
`tokio-uds` is unmaintained
The tokio-uds crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
`tokio-tcp` is unmaintained
The tokio-tcp crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
RUSTSEC-2026-0051 `tokio-threadpool` is unmaintained
The tokio-threadpool crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...