PT-2026-45103 · Unknown · Shibby Tomato

Fengyi Wang

·

Published

2026-05-30

·

Updated

2026-05-30

·

CVE-2026-10124

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Shibby Tomato versions prior to 1.29
Description A stack-based buffer overflow exists in the Zserv Handler component within the rip zebra read ipv4() function of the /usr/sbin/ripd file. This issue allows a remote attacker to execute a manipulation that could lead to a crash or arbitrary code execution. This software is no longer supported by its maintainer and has been superseded by FreshTomato.
Recommendations As a temporary workaround, restrict access to the Zserv Handler component or the rip zebra read ipv4() function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-10124

Affected Products

Shibby Tomato