Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow_CVE-2026-10124

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.

Basic Information

ID CVE-2026-10124

Source VulDB

Published May 30, 2026 at 15:45

Affected Product

Vendor Shibby

Product Tomato

Version 1.0

Affected Versions Shibby Tomato 1.0
Shibby Tomato 1.1
Shibby Tomato 1.2
Shibby Tomato 1.3
Shibby Tomato 1.4
Shibby Tomato 1.5
Shibby Tomato 1.6
Shibby Tomato 1.7
Shibby Tomato 1.8
Shibby Tomato 1.9
Shibby Tomato 1.10
Shibby Tomato 1.11
Shibby Tomato 1.12
Shibby Tomato 1.13
Shibby Tomato 1.14
Shibby Tomato 1.15
Shibby Tomato 1.16
Shibby Tomato 1.17
Shibby Tomato 1.18
Shibby Tomato 1.19
Shibby Tomato 1.20
Shibby Tomato 1.21
Shibby Tomato 1.22
Shibby Tomato 1.23
Shibby Tomato 1.24
Shibby Tomato 1.25
Shibby Tomato 1.26
Shibby Tomato 1.27
Shibby Tomato 1.28

CWE Classification

CWE-121 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.",
    "published": "2026-05-30T15:45:17.819Z",
    "modified": "2026-05-30T15:45:17.819Z",
    "type": "cve",
    "title": "Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367301\nhttps://vuldb.com/vuln/367301/cti\nhttps://vuldb.com/submit/818239\nhttps://gitee.com/Fengyi-Wang/CVE/issues/IJ9FFG",
    "id": "CVE-2026-10124",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Shibby Tomato 1.0\nShibby Tomato 1.1\nShibby Tomato 1.2\nShibby Tomato 1.3\nShibby Tomato 1.4\nShibby Tomato 1.5\nShibby Tomato 1.6\nShibby Tomato 1.7\nShibby Tomato 1.8\nShibby Tomato 1.9\nShibby Tomato 1.10\nShibby Tomato 1.11\nShibby Tomato 1.12\nShibby Tomato 1.13\nShibby Tomato 1.14\nShibby Tomato 1.15\nShibby Tomato 1.16\nShibby Tomato 1.17\nShibby Tomato 1.18\nShibby Tomato 1.19\nShibby Tomato 1.20\nShibby Tomato 1.21\nShibby Tomato 1.22\nShibby Tomato 1.23\nShibby Tomato 1.24\nShibby Tomato 1.25\nShibby Tomato 1.26\nShibby Tomato 1.27\nShibby Tomato 1.28",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Tomato",
    "version": "1.0",
    "vendor": "Shibby",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}