PT-2026-57618 · Unknown · Shibby Tomato
Published
2026-07-12
·
Updated
2026-07-13
·
CVE-2026-15545
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Shibby Tomato versions prior to 1.28.0000
Description
An out-of-bounds write issue exists in the
main() function within the www/apcupsd/tomatodata.cgi file of the apcupsd component. This flaw allows a remote attacker to perform unauthorized memory writes. This project has been superseded by FreshTomato.Recommendations
Update Shibby Tomato to a version later than 1.28.0000.
As a temporary mitigation, restrict access to the
www/apcupsd/tomatodata.cgi endpoint.Exploit
Fix
Memory Corruption
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Shibby Tomato