These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A resource consumption vulnerability in Shibby Tomato 1.28's miniupnpd component allows remote attackers to exhaust system resources. The affected firmware is end-of-life and superseded by FreshTomato.
A server-side request forgery (SSRF) vulnerability exists in the SUBSCRIBE Call Handler component of Shibby Tomato 1.28, specifically within the send function of usr/sbin/miniupnpd. The vulnerability allows remote attackers to manipulate the affected function to initiate unauthorized requests from the server. This issue affects a firmware project that has been superseded by FreshTomato and is no longer ma [truncated]
A stack-based buffer overflow vulnerability exists in the `sub_90F0` function within the `multimon.cgi` file of Shibby Tomato firmware version 1.28. The vulnerability can be exploited remotely to achieve code execution. Shibby Tomato is a discontinued project superseded by FreshTomato, and affected versions are no longer maintained by the original vendor.
A stack-based buffer overflow vulnerability exists in Shibby Tomato firmware up to version 1.28, specifically within the `sub_9068` function of the `tomatoups.cgi` file in the UPS Service component. The vulnerability allows remote attackers to trigger memory corruption through crafted input. This affects a deprecated firmware project that has been superseded by FreshTomato; the affected products are no lo [truncated]
A stack-based buffer overflow vulnerability exists in Shibby Tomato firmware version 1.28, specifically within the `get_ups_field` function of the `tomatodata.cgi` file. The vulnerability is triggered by manipulating the `Date` argument, which can be exploited remotely to achieve code execution. The affected product is end-of-life and superseded by FreshTomato, with no ongoing support from the original ma [truncated]