PT-2026-43311 · Unknown · Fastnetmon Community Edition

Published: 2026-05-26 · Updated: 2026-05-27 · CVE-2026-48693

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

FastNetMon Community Edition versions prior to 1.2.10

Description

A local symlink attack is possible due to predictable file paths in the /tmp directory. The software uses a default statistics file path at '/tmp/fastnetmon.dat'. The print_screen_contents_into_file() function opens this path using std::ios::trunc without verifying whether the path is a symbolic link or using the O_NOFOLLOW flag. Furthermore, the chmod() call incorrectly applies permissions to cli_stats_file_path regardless of the provided file path parameter. Because the umask is set to 0 during daemonization, created files become world-writable. A local attacker can leverage these conditions to overwrite arbitrary files with the privileges of the FastNetMon process user, which is typically root.

Recommendations

Update to version 1.2.10 or later.
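
A hardened way to write a statistics file that avoids the conditions in the description, as an added example that is not FastNetMon's code and not the fix shipped in 1.2.10. The helper name write_stats_file_safely and the 0644 mode are assumptions.

```cpp
#include <cerrno>
#include <fcntl.h>
#include <string>
#include <sys/stat.h>
#include <unistd.h>

// Hypothetical helper, not FastNetMon's code: writes `data` to `path` without
// following a symlink in the final path component. Returns 0 or an errno value.
int write_stats_file_safely(const std::string& path, const std::string& data) {
    // O_NOFOLLOW: open() fails (ELOOP on Linux) if `path` is a symlink.
    // O_NONBLOCK: a FIFO planted at `path` cannot make open() hang.
    // No O_TRUNC: nothing is destroyed before the descriptor has been checked.
    const int flags = O_WRONLY | O_CREAT | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC;
    // Explicit 0644: a new file is never world-writable, even under umask(0).
    int fd = open(path.c_str(), flags, 0644);
    if (fd < 0) return errno;

    struct stat st;
    int err = 0;
    if (fstat(fd, &st) != 0) {
        err = errno;
    } else if (!S_ISREG(st.st_mode) || st.st_nlink != 1 || st.st_uid != geteuid()) {
        err = EPERM;  // not a plain file, hard-linked elsewhere, or owned by another user
    } else if (fchmod(fd, 0644) != 0 || ftruncate(fd, 0) != 0) {
        err = errno;  // both calls act on the checked descriptor, never on a path
    }

    size_t off = 0;
    while (err == 0 && off < data.size()) {
        ssize_t n = write(fd, data.data() + off, data.size() - off);
        if (n >= 0) off += static_cast<size_t>(n);
        else if (errno != EINTR) err = errno;
    }
    close(fd);
    return err;
}
```

O_NOFOLLOW only protects the last path component, so keeping the file in a directory that only the service user can write, rather than /tmp, removes the race at its source.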

Fix

Link Following

Weakness Enumeration

Related Identifiers

CVE-2026-48693

Affected Products

Fastnetmon Community Edition