VIR Vulnerability Intelligence Relay

CVE-2013-7379

medium
Published 2014-05-16 · Modified 2023-11-08
CVSS v3
CVSS v2
6.8
VIR risk
6.8

Description

API Admin Auth Weakness in tomato

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://github.com/leizongmin/tomato/commit/9e427d524e04a905312a3294c85e939ed7d57b8c

Package impact
EcosystemPackageVulnerableFixed
npm npmtomato<0.0.60.0.6

Application impact
VendorProductVersionsFixed
ucdoktomato{"endIncluding":"0.0.5"}

References

CWEs

CWE-287

Verify integrity in audit chain (admin only). AS-IS.