CVE-2026-10871EPSS p80.2%

CVE-2026-10871CVE-2026-10871

Description

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start_6rd_tunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv6_6rd_borderrelay leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This project is superseded by FreshTomato.

Scoring

CVSS 7.2 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS2.20% probability of exploitation · percentile 80.2% · 2026-06-19T12:03:05Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-10872
CVE
CVE-2026-10870
CVE
CVE-2026-10873
CVE
CVE-2026-10069
CVE
CVE-2026-10124
CVE
CVE-2026-5853
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.