CVE-2026-10124 | Shibby Tomato up to 1.28 Zserv /usr/sbin/ripd rip_zebra_read_ipv4 stack-based overflow (IJ9FFG)

Inserito da Angelo Barbosa | Mag 29, 2026 | CVE

A vulnerability labeled as critical has been found in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is registered as CVE-2026-10124. It is possible to launch the attack remotely. Furthermore, an exploit is available.

This project is superseded by FreshTomato.

CVE-2026-10124 | Shibby Tomato up to 1.28 Zserv /usr/sbin/ripd rip_zebra_read_ipv4 stack-based overflow (IJ9FFG)

Post correlati

CVE-2024-7490 | Microchip Techology Advanced Software Framework up to 3.52.0.2574 DHCP Server tinydhcpserver.C lwip_dhcp_find_option buffer overflow

CVE-2024-5137 | PHPGurukul Directory Management System 1.0 Searchbar /admin/admin-profile.php cross site scripting

CVE-2025-41724 | Sauter EY-modulo 5 ecos 5 ecos505 up to 3.1.x Incomplete SOAP Request failure to handle incomplete element (vde-2025-060)

CVE-2026-7461 | AWS Amazon ECS Agent up to 1.102.0 on Windows os command injection