CVE-2026-10124: Stack-based Buffer Overflow in Shibby Tomato
CVE-2026-10124 is a high-severity stack-based buffer overflow vulnerability in Shibby Tomato firmware up to version 1. 28. The flaw exists in the rip_zebra_read_ipv4 function within the /usr/sbin/ripd component's Zserv Handler. This vulnerability can be exploited remotely without user interaction and allows an attacker to cause a stack-based buffer overflow. The exploit has been publicly disclosed, but the affected product is no longer supported as it has been superseded by FreshTomato. No official patch or remediation is currently documented.
AI Analysis
Technical Summary
The vulnerability CVE-2026-10124 affects Shibby Tomato firmware versions 1.0 through 1.28. It is a stack-based buffer overflow in the rip_zebra_read_ipv4 function of the ripd daemon's Zserv Handler component. An attacker can remotely trigger this overflow, potentially leading to code execution or denial of service. The vulnerability has a CVSS 4.0 base score of 8.7, indicating high severity with network attack vector, low attack complexity, no privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. The project is no longer maintained, and no official fix is available.
Potential Impact
Successful exploitation of this vulnerability can lead to a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code or cause a denial of service on affected devices running Shibby Tomato firmware up to version 1.28. Given the high CVSS score and the remote attack vector, impacted systems are at significant risk if exposed to untrusted networks.
Mitigation Recommendations
Since Shibby Tomato is no longer supported and no official patch or remediation is available, users should migrate to the FreshTomato project or other supported firmware alternatives. Network exposure of affected devices should be minimized or eliminated to reduce risk. Patch status is not confirmed; check vendor or community advisories for any unofficial mitigations or updates.
CVE-2026-10124: Stack-based Buffer Overflow in Shibby Tomato
Description
CVE-2026-10124 is a high-severity stack-based buffer overflow vulnerability in Shibby Tomato firmware up to version 1. 28. The flaw exists in the rip_zebra_read_ipv4 function within the /usr/sbin/ripd component's Zserv Handler. This vulnerability can be exploited remotely without user interaction and allows an attacker to cause a stack-based buffer overflow. The exploit has been publicly disclosed, but the affected product is no longer supported as it has been superseded by FreshTomato. No official patch or remediation is currently documented.
CVSS v4.0
Score 8.7high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2026-10124 affects Shibby Tomato firmware versions 1.0 through 1.28. It is a stack-based buffer overflow in the rip_zebra_read_ipv4 function of the ripd daemon's Zserv Handler component. An attacker can remotely trigger this overflow, potentially leading to code execution or denial of service. The vulnerability has a CVSS 4.0 base score of 8.7, indicating high severity with network attack vector, low attack complexity, no privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. The project is no longer maintained, and no official fix is available.
Potential Impact
Successful exploitation of this vulnerability can lead to a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code or cause a denial of service on affected devices running Shibby Tomato firmware up to version 1.28. Given the high CVSS score and the remote attack vector, impacted systems are at significant risk if exposed to untrusted networks.
Mitigation Recommendations
Since Shibby Tomato is no longer supported and no official patch or remediation is available, users should migrate to the FreshTomato project or other supported firmware alternatives. Network exposure of affected devices should be minimized or eliminated to reduce risk. Patch status is not confirmed; check vendor or community advisories for any unofficial mitigations or updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-29T17:21:10.262Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1b06d4e29bf47b50425a43
Added to database: 5/30/2026, 3:48:36 PM
Last enriched: 5/30/2026, 4:03:28 PM
Last updated: 5/30/2026, 4:56:53 PM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.