PT-2026-43276 · Unknown · Fastnetmon Community Edition

Published: 2026-05-26 · Updated: 2026-05-27 · CVE-2026-48692

CVSS v3.1: 8.1 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: FastNetMon Community Edition versions prior to 1.2.10
Description: The software exposes a gRPC API server on port 50052 that lacks an authentication mechanism. The server is initialized with grpc::InsecureServerCredentials(), so any user with local network access can interact with the API without credential verification. Because there is also no role-based access control, administrative operations can be executed, including the ExecuteBan() and ExecuteUnBan() functions. These functions can trigger BGP route announcements to blackhole network traffic or execute external notification scripts via popen(). Consequently, an attacker could ban arbitrary IP addresses to cause a denial of service, or unban IP addresses involved in active attacks to disable DDoS mitigation.
Recommendations: Update to a version later than 1.2.9. As a temporary workaround, restrict network access to port 50052 to minimize the risk of exploitation.
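The following script is an added example, not FastNetMon project code: it checks whether the gRPC API port 50052 is bound beyond loopback and prints an nftables ruleset that implements the temporary workaround above. It assumes iproute2 `ss -Hltn` output, nftables on the host, and a placeholder management network in MGMT_CIDR.

```shell
#!/bin/sh
# Added example (not FastNetMon code): implement the advisory's workaround of
# restricting network access to the gRPC API port.
# Assumptions: `ss -Hltn` column layout; MGMT_CIDR is a placeholder network.
GRPC_PORT=50052
MGMT_CIDR="${MGMT_CIDR:-10.0.0.0/24}"   # assumed management network, adjust

# grpc_port_exposed LISTENERS
# Returns 0 when a LISTEN socket on $GRPC_PORT is bound to anything other
# than 127.0.0.1 or [::1] (for example 0.0.0.0, [::] or *), 1 otherwise.
grpc_port_exposed() {
    printf '%s\n' "$1" | awk -v port="$GRPC_PORT" '
        $1 == "LISTEN" {
            addr = $4                        # "Local Address:Port" column
            n = split(addr, parts, ":")
            p = parts[n]                     # port follows the last colon
            host = substr(addr, 1, length(addr) - length(p) - 1)
            if (p == port && host != "127.0.0.1" && host != "[::1]") exposed = 1
        }
        END { if (exposed) exit 0; exit 1 }'
}

# nft_ruleset
# Prints a ruleset (load with `nft -f FILE`) that accepts the API port from
# loopback and the management network, and logs and drops everything else.
nft_ruleset() {
    cat <<EOF
table inet fastnetmon_api {
    chain input {
        type filter hook input priority 0; policy accept;
        iifname "lo" tcp dport $GRPC_PORT accept
        ip saddr $MGMT_CIDR tcp dport $GRPC_PORT accept
        tcp dport $GRPC_PORT log prefix "fastnetmon-api-blocked " drop
    }
}
EOF
}

# Constructed sample of `ss -Hltn` output: the API listening on all interfaces.
SAMPLE_LISTENERS='LISTEN 0 4096 0.0.0.0:50052 0.0.0.0:*
LISTEN 0 128 127.0.0.1:22 0.0.0.0:*'

if grpc_port_exposed "$SAMPLE_LISTENERS"; then
    echo "port $GRPC_PORT is reachable beyond loopback; suggested ruleset:"
    nft_ruleset
fi
```

On a live host replace the constructed sample with `grpc_port_exposed "$(ss -Hltn)"`; the logged drops give a simple signal of unexpected access attempts against the API port.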

Weakness Enumeration: Missing Authentication

Related Identifiers: CVE-2026-48692

Affected Products: Fastnetmon Community Edition