CVE-2026-10870 | Shibby Tomato 1.28.0000 Web UI /sbin/rc start_dhcpc os command injection

A vulnerability was found in Shibby Tomato 1.28.0000. It has been classified as critical. This affects the function start_dhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection.

The identification of this vulnerability is CVE-2026-10870. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

This project is superseded by FreshTomato.VulDB Recent EntriesRead More