CVE-2026-10124

Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow

CVSS 8.7 HIGHEPSS 0.5%CWE-119 CWE-121

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Productos afectados

Shibby · Tomato

PoCs públicas encontradas — 1

cve_referencegitee.com/Fengyi-Wang/CVE/issues/IJ9FFGno verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://gitee.com/Fengyi-Wang/CVE/issues/IJ9FFG https://vuldb.com/submit/818239 https://vuldb.com/vuln/367301 https://vuldb.com/vuln/367301/cti