CVE-2026-10065— Shibby Tomato tomatodata.cgi get_ups_field stack-based overflow
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-10065
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Shibby Tomato tomatodata.cgi get_ups_field stack-based overflow
Source: NVD (National Vulnerability Database)
Vulnerability Description
A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function get_ups_field of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
Shibby Tomato 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Shibby Tomato是Shibby个人开发者的一个第三方路由器固件。 Shibby Tomato 1.28版本存在安全漏洞,该漏洞源于文件tomatodata.cgi中函数get_ups_field参数Date栈缓冲区溢出,可能导致远程攻击者执行攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-10065
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-10065
请登录查看更多情报信息。
Other References for CVE-2026-10065 (1)
Same Patch Batch · Shibby · 2026-05-29 · 5 CVEs total
| CVE-2026-10066 | 8.8 HIGH | Shibby Tomato UPS Service tomatoups.cgi sub_9068 stack-based overflow |
| CVE-2026-10067 | 8.8 HIGH | Shibby Tomato multimon.cgi sub_90F0 stack-based overflow |
| CVE-2026-10069 | 7.5 HIGH | Shibby Tomato miniupnpd resource consumption |
| CVE-2026-10068 | 7.3 HIGH | Shibby Tomato SUBSCRIBE Call miniupnpd send server-side request forgery |
IV. Related Vulnerabilities
Same product: Tomato
- CVE-2026-10873
Shibby Tomato Web UI rstats rstats_path os command injection - CVE-2026-10872
Shibby Tomato Web UI rc start_vpnserver os command injection - CVE-2026-10871
Shibby Tomato Web UI rc start_6rd_tunnel os command injectio - CVE-2026-10870
Shibby Tomato Web UI rc start_dhcpc os command injection - CVE-2026-10124
Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based ove
Same vendor: Shibby
- CVE-2026-10873
Shibby Tomato Web UI rstats rstats_path os command injection - CVE-2026-10872
Shibby Tomato Web UI rc start_vpnserver os command injection - CVE-2026-10871
Shibby Tomato Web UI rc start_6rd_tunnel os command injectio - CVE-2026-10870
Shibby Tomato Web UI rc start_dhcpc os command injection - CVE-2026-10124
Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based ove
Same weakness: CWE-121
- CVE-2026-55738
Stack Buffer Overflow in rxi/microtar raw_to_header() via no - CVE-2026-10829
NPort W2150A-W4/W2250A-W4远程代码执行漏洞 - CVE-2026-7273
Zyxel GS1900-48HPv2固件堆栈溢出致命令执行 - CVE-2026-12222
Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToo - CVE-2026-12221
Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack
V. Comments for CVE-2026-10065
No comments yet