PT-2026-43272 · Unknown · Fastnetmon Community Edition

Published: 2026-05-26 · Updated: 2026-05-26 · CVE-2026-48685

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

FastNetMon Community Edition versions prior to 1.2.10

Description

Out-of-bounds memory access occurs due to the incorrect parsing of BGP path attributes when the extended length flag is set. In the parse_raw_bgp_attribute() function within src/bgp_protocol.hpp, the system identifies when the extended length bit is set and assigns 2 to length_of_length_field, but it only reads a single byte for the attribute value length (attribute_value_length = value[2]). According to RFC 4271 Section 4.3, the Attribute Length field should be two octets and read as a 16-bit big-endian integer from value[2] and value[3]. Consequently, attributes exceeding 255 bytes have their length truncated to the low byte, leading to the misinterpretation of remaining data as subsequent attributes, which causes cascading parse failures and potential memory access issues.

Recommendations

Update to version 1.2.10 or later.
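
The length handling in the Description, as an added example that is not FastNetMon's code or its patch: a bounds-checked decoder for the path attribute header that reads both length octets when the extended length flag is set, next to the single-octet read of value[2]. All type and function names and the sample bytes are assumptions constructed for this illustration.

```cpp
// Added example, not FastNetMon code; all names are hypothetical.
#include <cstddef>
#include <cstdint>
#include <vector>

constexpr uint8_t kExtendedLength = 0x10;  // Attribute Flags bit 3, RFC 4271 Section 4.3

struct AttrHeader {
    uint8_t flags = 0, type_code = 0;
    size_t header_len = 0;  // 3 octets, or 4 when Extended Length is set
    size_t value_len = 0;   // decoded Attribute Length
};

// Length as the description says the affected code read it: value[2] only.
size_t single_octet_length(const uint8_t* value) { return value[2]; }

// Decode one attribute header from buf[0..len) and verify the value fits.
bool parse_attr_header(const uint8_t* buf, size_t len, AttrHeader& out) {
    if (len < 3) return false;
    out.flags = buf[0];
    out.type_code = buf[1];
    out.header_len = 3;
    out.value_len = buf[2];
    if (out.flags & kExtendedLength) {
        if (len < 4) return false;  // second length octet must be present
        out.header_len = 4;
        out.value_len = (static_cast<size_t>(buf[2]) << 8) | buf[3];
    }
    return out.value_len <= len - out.header_len;  // never step past the block
}

// Walk a Path Attributes block; returns the attribute count or -1 if malformed.
int count_attributes(const std::vector<uint8_t>& block) {
    size_t off = 0;
    int n = 0;
    while (off < block.size()) {
        AttrHeader h;
        if (!parse_attr_header(block.data() + off, block.size() - off, h)) return -1;
        off += h.header_len + h.value_len;
        ++n;
    }
    return n;
}

// Constructed sample: a 300-octet extended-length attribute, then ORIGIN.
std::vector<uint8_t> sample_block() {
    std::vector<uint8_t> b = {0xD0, 0x08, 0x01, 0x2C};  // flags, type 8, length 0x012C
    b.insert(b.end(), 300, 0x00);
    const uint8_t origin[] = {0x40, 0x01, 0x01, 0x00};  // ORIGIN = IGP
    b.insert(b.end(), origin, origin + 4);
    return b;
}
```

On the constructed sample, the two-octet decode yields 300 and the walk finds two attributes, while the single-octet read disagrees with the encoded length, so a parser using it would resume inside the first attribute's value.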

Related Identifiers

CVE-2026-48685

Affected Products

Fastnetmon Community Edition