CVE-2026-48692 · HIGH 8.1 · EPSS p13.9%

Description

FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials() (src/fastnetmon.cpp line 477) and a source code comment explicitly acknowledges 'Listen on the given address without any authentication mechanism.' None of the RPC methods in src/api.cpp (ExecuteBan, ExecuteUnBan, GetBanlist, GetTotalTrafficCounters, etc.) perform any credential verification. The ExecuteBan and ExecuteUnBan methods trigger security-critical actions: BGP route announcements that can blackhole network traffic, and execution of external notification scripts via popen(). An attacker with local network access can ban arbitrary IP addresses (causing denial of service to legitimate traffic), unban active attacks (disabling DDoS mitigation), and trigger script execution. There is also no role-based access control separating read-only monitoring from destructive administrative operations.

Scoring

CVSS 3.1: 8.1 (HIGH)
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.23% probability of exploitation · percentile 13.9% · 2026-06-19T12:03:05Z
Published: 2026-05-26
Last modified: 2026-05-26

Underlying weaknesses · 1

CWE-306

References

  1. https://github.com/pavel-odintsov/fastnetmon
  2. https://github.com/pavel-odintsov/fastnetmon/blob/master/src/api.cpp
  3. https://github.com/pavel-odintsov/fastnetmon/blob/master/src/fastnetmon.cpp
  4. https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48692-grpc-no-auth

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Missing Authentication for Critical Function (cwe-306) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2026-48694
CVE-2026-48686
CVE-2026-48682
CVE-2026-48689
CVE-2026-48695
CVE-2026-42302

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.