A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.
PUBLISHED5.2ApplicationCWE-400CWE-404unsupported-when-assigned
Shibby Tomato miniupnpd resource consumption
Problem type
Affected products
Shibby
Tomato
1.28 - AFFECTED
References
VDB-367155 | Shibby Tomato miniupnpd resource consumption
https://vuldb.com/vuln/367155
VDB-367155 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/367155/cti
Submit #818238 | Tomato by Shibby Tomato Firmware 1.28 Resource Exhaustion
https://vuldb.com/submit/818238
gitee.com
https://gitee.com/Fengyi-Wang/CVE/issues/IJD8SP
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-10069Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-10069",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2026-05-29T16:00:12.420Z",
"dateReserved": "2026-05-29T08:32:38.317Z",
"datePublished": "2026-05-29T16:00:12.420Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2026-05-29T16:00:12.420Z"
},
"title": "Shibby Tomato miniupnpd resource consumption",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"affected": [
{
"vendor": "Shibby",
"product": "Tomato",
"cpes": [
"cpe:2.3:a:shibby:tomato:*:*:*:*:*:*:*:*"
],
"versions": [
{
"version": "1.28",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Resource Consumption",
"cweId": "CWE-400",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "Denial of Service",
"cweId": "CWE-404",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/vuln/367155",
"name": "VDB-367155 | Shibby Tomato miniupnpd resource consumption",
"tags": [
"vdb-entry"
]
},
{
"url": "https://vuldb.com/vuln/367155/cti",
"name": "VDB-367155 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/submit/818238",
"name": "Submit #818238 | Tomato by Shibby Tomato Firmware 1.28 Resource Exhaustion",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://gitee.com/Fengyi-Wang/CVE/issues/IJD8SP",
"tags": [
"issue-tracking"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:R",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:R",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:UR",
"baseScore": 7.8
}
}
],
"timeline": [
{
"time": "2026-05-29T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2026-05-29T02:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2026-05-29T10:38:16.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "VulDB Gitee Analyzer",
"type": "tool"
},
{
"lang": "en",
"value": "VulDB CNA Team",
"type": "coordinator"
}
],
"tags": [
"unsupported-when-assigned"
]
}
}
}