Which versions of Shibby Tomato are affected by CVE-2026-10124?

Shibby Tomato router firmware versions up to 1.28 is vulnerable to a critical routing daemon attack for which publicly available exploit code exists; the attack requires authenticated network access…

Is there a public PoC exploit available for CVE-2026-10124?

Yes, a public proof-of-concept exploit is available for CVE-2026-10124. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-10124?

Within 24 hours: Inventory all Shibby Tomato router instances and document firmware versions. Within 7 days: Develop migration plan to FreshTomato (successor) or alternative router platforms; assess network dependencies. Within 30 days: Complete migration of all affected devices to supported, patched firmware or replacement hardware.

Shibby Tomato CVE-2026-10124

Q: What is the CVSS score of CVE-2026-10124?

CVE-2026-10124 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-33467 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-05-30 VulDB

GHSA-xv8j-c5vv-vvmg

Buffer Overflow Stack Overflow Tomato

7.4

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.4 HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Updated

May 30, 2026 - 16:28 vuln.today

v3 (cvss_changed)

Analysis Updated

May 30, 2026 - 16:28 vuln.today

v2 (cvss_changed)

Re-analysis Queued

May 30, 2026 - 16:22 vuln.today

cvss_changed

CVSS changed

May 30, 2026 - 16:22 NVD

8.8 (HIGH) 7.4 (HIGH)

Analysis Generated

May 30, 2026 - 16:20 vuln.today

DescriptionCVE.org

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

Stack-based buffer overflow in Shibby Tomato router firmware (versions up to 1.28) allows remote attackers to corrupt memory in the ripd daemon via the rip_zebra_read_ipv4 function in the Zserv Handler component. Publicly available exploit code exists, and the project is end-of-life - superseded by FreshTomato - so no vendor patch will be released. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Gain low-privilege network position

Delivery

Reach ripd Zserv interface

Exploit

Send crafted rip_zebra_read_ipv4 message

Execution

Overflow stack buffer

Persist

Hijack control flow in ripd

Impact

Execute code as root on router