CVE-2026-16095
HIGH
NVD
CVSS Score
8.8
Severity
HIGH
Published
Jul 18, 2026
Vendor
unknown
Description
A flaw has been found in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. Affected by this issue is the function setup_conntrack of the file /sbin/rc. Executing a manipulation of the argument ct_tcp_timeout can lead to out-of-bounds write. The attack may be performed from remote. This project is superseded by FreshTomato.