Fengyi Wang

**Name of the Vulnerable Software and Affected Versions** Shibby Tomato versions prior to 1.29 **Description** A stack-based buffer overflow exists in the Zserv Handler component within the `rip zebra read ipv4()` function of the `/usr/sbin/ripd` file. This issue allows a remote attacker to execute a manipulation that could lead to a crash or arbitrary code execution. This software is no longer supported by its maintainer and has been superseded by FreshTomato. **Recommendations** As a temporary workaround, restrict access to the Zserv Handler component or the `rip zebra read ipv4()` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Shibby Tomato version 1.28 **Description** A flaw in the SUBSCRIBE Call Handler component allows for server-side request forgery, a condition where an attacker can induce the server to make requests to an unintended location. The issue is located in the `send()` function within the `usr/sbin/miniupnpd` file and can be triggered remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Shibby Tomato version 1.28 **Description** A remote attack can be launched against an unknown function within the `usr/sbin/miniupnpd` file, leading to resource consumption. This issue affects products that are no longer supported by the maintainer, as the project has been superseded by FreshTomato. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.