CVE-2026-10124 - Vulnerability Details

- Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow

Description

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.

Published: 2026-05-30

Score: 8.7 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A stack-based buffer overflow exists in the Shibby Tomato component Zserv Handler, specifically within the rip_zebra_read_ipv4 function. The flaw is triggered by manipulating a packet processed by /usr/sbin/ripd and, because the overflow occurs on the stack, an attacker can inject malicious code or corrupt execution flow. The vulnerability is classified as CWE‑119 and CWE‑121 and enables remote code execution when an untrusted client sends crafted RIP messages.

Affected Systems

The flaw affects Shibby Tomato versions up to 1.28, a product that is no longer maintained. The affected code resides in the ripd service of the Zserv Handler component, and the product has been superseded by FreshTomato.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, and the EPSS score is not available but the exploit has been publicly disclosed, implying that attackers could deploy it. Because the attack vector is remote, systems exposed to the internet or an internal untrusted network are at risk. The vulnerability is not yet listed in the CISA KEV catalog, but the lack of active support for Shibby Tomato means that no official fix is currently offered, raising the likelihood that exploitation attempts will succeed.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Shibby

Tomato

affected

Version	Status	Constraints
`1.0`	affected	—
`1.1`	affected	—
`1.2`	affected	—
`1.3`	affected	—
`1.4`	affected	—
`1.5`	affected	—
`1.6`	affected	—
`1.7`	affected	—
`1.8`	affected	—
`1.9`	affected	—
`1.10`	affected	—
`1.11`	affected	—
`1.12`	affected	—
`1.13`	affected	—
`1.14`	affected	—
`1.15`	affected	—
`1.16`	affected	—
`1.17`	affected	—
`1.18`	affected	—
`1.19`	affected	—
`1.20`	affected	—
`1.21`	affected	—
`1.22`	affected	—
`1.23`	affected	—
`1.24`	affected	—
`1.25`	affected	—
`1.26`	affected	—
`1.27`	affected	—
`1.28`	affected	—

No data.

Vendor Product Confidence Versions

Shibby

Tomato

95%

Version	Status	Scheme	Platform
`1.0`	affected	generic	—
`1.1`	affected	generic	—
`1.2`	affected	generic	—
`1.3`	affected	generic	—
`1.4`	affected	generic	—
`1.5`	affected	generic	—
`1.6`	affected	generic	—
`1.7`	affected	generic	—
`1.8`	affected	generic	—
`1.9`	affected	generic	—
`1.10`	affected	generic	—
`1.11`	affected	generic	—
`1.12`	affected	generic	—
`1.13`	affected	generic	—
`1.14`	affected	generic	—
`1.15`	affected	generic	—
`1.16`	affected	generic	—
`1.17`	affected	generic	—
`1.18`	affected	generic	—
`1.19`	affected	generic	—
`1.20`	affected	generic	—
`1.21`	affected	generic	—
`1.22`	affected	generic	—
`1.23`	affected	generic	—
`1.24`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to a supported version or switch to FreshTomato to eliminate the flaw
Apply any vendor patch that resolves the stack-based overflow in the ripd component
If an upgrade is not possible, block or filter incoming RIP traffic to the ripd service using firewall rules
Monitor logs and network traffic for unusual RIP packets or errors that could indicate exploitation attempts

Generated by OpenCVE AI on May 30, 2026 at 17:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00041.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://gitee.com/Fengyi-Wang/CVE/issues/IJ9FFG
https://vuldb.com/submit/818239
https://vuldb.com/vuln/367301
https://vuldb.com/vuln/367301/cti

History

Sat, 30 May 2026 16:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.
Title		Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow
First Time appeared		Shibby Shibby tomato
Weaknesses		CWE-119 CWE-121
CPEs		cpe:2.3:a:shibby:tomato::::::::
Vendors & Products		Shibby Shibby tomato
References		https://gitee.com/Fengyi-Wang/CVE/issues/IJ9FFG https://vuldb.com/submit/818239 https://vuldb.com/vuln/367301 https://vuldb.com/vuln/367301/cti
Metrics		cvssV2_0 `{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Shibby Tomato

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-05-30T15:45:17.819Z

Updated: 2026-05-30T15:45:17.819Z

Reserved: 2026-05-29T17:21:10.262Z

Link: CVE-2026-10124

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-30T16:17:04.747

Modified: 2026-05-30T16:17:04.747

Link: CVE-2026-10124

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-30T18:30:28Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object