A vulnerability categorized as critical has been discovered in Shibby Tomato up to 1.28.0000. This affects the function sub_2D048 of the component CIFS Mount Handler. Executing a manipulation of the argument cifs1/cifs2 can lead to os command injection.

This vulnerability is handled as CVE-2026-15547. The attack can be executed remotely. Additionally, an exploit exists.

This project is superseded by FreshTomato.