VYPR

FastNetMon Community Edition

by FastNetMon

Source repositories

CVEs (11)

  • CVE-2026-48689CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.01

    FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hpp). Five methods (append_dynamic_buffer, append_data_as_pointer, append_data_as_object_ptr, memcpy_from_ptr,…

  • CVE-2026-48687CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.02

    FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The _log() function in src/juniper_plugin/fastnetmon_juniper.php (lines 117-118) constructs shell commands by concatenating the $msg parameter…

  • CVE-2026-48686CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.01

    FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() in src/bgp_protocol.cpp reads prefix_bit_length directly from the BGP packet…

  • CVE-2026-48694HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.00

    FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniper_plugin/fastnetmon_juniper.php, the $IP_ATTACK variable (received from argv[1]) is directly interpolated into Juniper NETCONF…

  • CVE-2026-48692HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.00

    FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials() (src/fastnetmon.cpp line 477) and a source code comment explicitly acknowledges 'Listen on the…

  • CVE-2026-48688HigMay 26, 2026
    risk 0.49cvss 7.5epss 0.00

    FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MP_REACH_NLRI IPv6 attribute decoder. The function decode_mp_reach_ipv6() in src/bgp_protocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks…

  • CVE-2026-48697HigMay 26, 2026
    risk 0.48cvss 7.4epss 0.00

    FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute_web_request_secure() function in src/fast_library.cpp creates a boost::asio::ssl::context with tls_client mode and calls set_default_verify_paths() to load CA…

  • CVE-2026-48690HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packet_storage.hpp, the allocate_buffer() function computes memory_size_in_bytes as 'buffer_size_in_packets * (max_captured_packet_size +…

  • CVE-2026-48684MedMay 26, 2026
    risk 0.42cvss 6.5epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In process_netflow_v9_options_template() (src/netflow_plugin/netflow_v9_collector.cpp), the scope parsing loop (lines 224-229) iterates until scopes_offset…

  • CVE-2024-56073HigDec 15, 2024
    risk 0.00cvss 7.5epss 0.01

    An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service (divide-by-zero error and application crash).

  • CVE-2024-56072HigDec 15, 2024
    risk 0.00cvss 7.5epss 0.01

    An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows remote attackers to cause a denial of service (application crash) via a crafted packet that specifies many sFlow samples.

VYPR — Vulnerability Intelligence