{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/tomato-up-to-1.28.0000/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-15545"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Tomato (up to 1.28.0000)"],"_cs_severities":["high"],"_cs_tags":["vulnerability","firmware","router","out-of-bounds-write","CVE"],"_cs_type":"advisory","_cs_vendors":["Shibby"],"content_html":"\u003cp\u003eA significant security vulnerability, identified as CVE-2026-15545, affects Shibby Tomato router firmware versions up to and including 1.28.0000. This flaw resides in the \u003ccode\u003emain\u003c/code\u003e function of the \u003ccode\u003ewww/apcupsd/tomatodata.cgi\u003c/code\u003e file, part of the \u003ccode\u003eapcupsd\u003c/code\u003e component. The vulnerability is characterized as an out-of-bounds write, which can be triggered by remote manipulation. This issue carries a high CVSS v3.1 base score of 8.8, indicating severe potential impact. An exploit for this vulnerability is publicly available, increasing the urgency for affected users to address the issue. The Shibby Tomato project has been superseded by FreshTomato, suggesting that official patches for Shibby Tomato may not be available, leaving older installations at continued risk. Exploitation could lead to unauthorized access, denial of service, or potentially remote code execution on the affected router.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated or low-privileged remote attacker crafts a malicious HTTP request targeting the \u003ccode\u003ewww/apcupsd/tomatodata.cgi\u003c/code\u003e endpoint on a vulnerable Shibby Tomato router.\u003c/li\u003e\n\u003cli\u003eThe crafted request manipulates input parameters processed by the \u003ccode\u003emain\u003c/code\u003e function within the \u003ccode\u003eapcupsd\u003c/code\u003e component.\u003c/li\u003e\n\u003cli\u003eThis manipulation triggers an out-of-bounds write condition in memory, allowing the attacker to overwrite sensitive data or execute arbitrary code.\u003c/li\u003e\n\u003cli\u003eSuccessful exploitation leads to unauthorized control over the router, potentially compromising network traffic or enabling further attacks on connected devices.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-15545 can lead to severe consequences for organizations and individuals using affected Shibby Tomato routers. Due to the nature of an out-of-bounds write in a network device's firmware, attackers could achieve remote code execution, allowing them to gain full control over the router. This control enables threat actors to modify network configurations, intercept network traffic, launch further attacks on internal networks, or integrate the compromised device into a botnet. Given that routers are critical infrastructure, the impact can extend to complete network compromise, data exfiltration, or prolonged service disruption. The public availability of an exploit significantly lowers the bar for attackers, increasing the likelihood of widespread exploitation.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-2026-15545\u003c/strong\u003e by upgrading Shibby Tomato firmware to a version beyond 1.28.0000, if available, or migrating to FreshTomato, which supersedes the affected project.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMonitor web server logs\u003c/strong\u003e for unusual or malformed HTTP requests directed at the \u003ccode\u003ewww/apcupsd/tomatodata.cgi\u003c/code\u003e path, especially those with excessively long or specially crafted query parameters.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReview network segmentation\u003c/strong\u003e and access controls to limit exposure of router administrative interfaces to untrusted networks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-13T09:20:37Z","date_published":"2026-07-13T09:20:37Z","id":"https://feed.craftedsignal.io/briefs/2026-07-shibby-tomato-cve-2026-15545/","summary":"A critical out-of-bounds write vulnerability (CVE-2026-15545) exists in Shibby Tomato firmware up to version 1.28.0000, specifically within the `main` function of the `www/apcupsd/tomatodata.cgi` file in the `apcupsd` component, which can be exploited remotely with a publicly available exploit, posing a significant risk to affected network devices.","title":"Shibby Tomato Firmware Vulnerability CVE-2026-15545 Leads to Remote Out-of-Bounds Write","url":"https://feed.craftedsignal.io/briefs/2026-07-shibby-tomato-cve-2026-15545/"}],"language":"en","title":"CraftedSignal Threat Feed - Tomato (Up to 1.28.0000)","version":"https://jsonfeed.org/version/1.1"}