Out-of-Bounds Write Vulnerability in Shibby Tomato Firmware
CVE-2026-16095

8.7HIGH

Key Information:

Vendor

Shibby

Status
Vendor
CVE Published:
18 July 2026

What is CVE-2026-16095?

A flaw in the Shibby Tomato firmware version 1.28 RT-N5x MIPSR2 Build 124 has been identified, specifically in the setup_conntrack function located in the /sbin/rc file. Manipulating the argument ct_tcp_timeout can lead to an out-of-bounds write condition. This vulnerability can be exploited remotely, presenting a significant security risk. Users are encouraged to upgrade to FreshTomato, the successor project, to mitigate any potential threats associated with this vulnerability.

Affected Version(s)

Tomato 1.28 RT-N5x MIPSR2 Build 124

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Cormac315 (VulDB User)
VulDB CNA Team
.