VYPR
Vendor

FastNetMon

Products
2
CVEs
18
Across products
27
Status
Private

Products

2

Recent CVEs

18
  • CVE-2026-48689CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.01

    FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hpp). Five methods (append_dynamic_buffer, append_data_as_pointer, append_data_as_object_ptr, memcpy_from_ptr,…

  • CVE-2026-48691CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the IPv4UnicastAnnounce::get_attributes() function computes attribute_length as 'sizeof(bgp_as_path_segment_element_t) +…

  • CVE-2026-48687CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.02

    FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The _log() function in src/juniper_plugin/fastnetmon_juniper.php (lines 117-118) constructs shell commands by concatenating the $msg parameter…

  • CVE-2026-48686CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.01

    FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() in src/bgp_protocol.cpp reads prefix_bit_length directly from the BGP packet…

  • CVE-2026-48695HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.01

    FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The _log() function in src/mikrotik_plugin/fastnetmon_mikrotik.php (lines 107-108) constructs shell commands by concatenating the $msg parameter…

  • CVE-2026-48694HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.00

    FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniper_plugin/fastnetmon_juniper.php, the $IP_ATTACK variable (received from argv[1]) is directly interpolated into Juniper NETCONF…

  • CVE-2026-48692HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.00

    FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials() (src/fastnetmon.cpp line 477) and a source code comment explicitly acknowledges 'Listen on the…

  • CVE-2026-48688HigMay 26, 2026
    risk 0.49cvss 7.5epss 0.00

    FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MP_REACH_NLRI IPv6 attribute decoder. The function decode_mp_reach_ipv6() in src/bgp_protocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks…

  • CVE-2026-48697HigMay 26, 2026
    risk 0.48cvss 7.4epss 0.00

    FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute_web_request_secure() function in src/fast_library.cpp creates a boost::asio::ssl::context with tls_client mode and calls set_default_verify_paths() to load CA…

  • CVE-2026-48690HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packet_storage.hpp, the allocate_buffer() function computes memory_size_in_bytes as 'buffer_size_in_packets * (max_captured_packet_size +…

  • CVE-2026-48685MedMay 26, 2026
    risk 0.42cvss 6.5epss 0.00

    FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp_protocol.hpp, the parse_raw_bgp_attribute() function correctly identifies when extended_length_bit is set…

  • CVE-2026-48684MedMay 26, 2026
    risk 0.42cvss 6.5epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In process_netflow_v9_options_template() (src/netflow_plugin/netflow_v9_collector.cpp), the scope parsing loop (lines 224-229) iterates until scopes_offset…

  • CVE-2026-48683MedMay 26, 2026
    risk 0.42cvss 6.5epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in the NetFlow v9 data flowset processor. In src/netflow_plugin/netflow_v9_collector.cpp, the Data template branch (lines 1695-1702) iterates over flow records without performing a…

  • CVE-2026-48696MedMay 26, 2026
    risk 0.40cvss 6.2epss 0.00

    FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689.

  • CVE-2026-48682MedJun 2, 2026
    risk 0.38cvss 5.9epss 0.00

    FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple_packet_parser_ng.cpp, after validating that the packet contains at least sizeof(ipv4_header_t) bytes (20 bytes), the code advances the local_pointer by '4 *…

  • CVE-2026-48693MedMay 26, 2026
    risk 0.36cvss 5.5epss 0.00

    FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' (src/fastnetmon.cpp line 159). The print_screen_contents_into_file() function…

  • CVE-2024-56072Dec 15, 2024
    risk 0.00cvss epss 0.01

    An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows remote attackers to cause a denial of service (application crash) via a crafted packet that specifies many sFlow samples.

  • CVE-2024-56073Dec 15, 2024
    risk 0.00cvss epss 0.01

    An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service (divide-by-zero error and application crash).