A vulnerability was found in Shibby Tomato up to 1.28.0000. It has been rated as critical. Affected by this issue is the function
sub_2D568 of the component start_jffs2. Performing a manipulation of the argument jffs2_exec results in os command injection.
This vulnerability is known as CVE-2026-15546. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
This project is superseded by FreshTomato.