Lucene search
K

24 matches found

CVE
CVE
added 2026/05/26 12:0 a.m.23 views

CVE-2026-48694

CVE-2026-48694 affects FastNetMon Community Edition up to 1.2.9 via the Juniper router integration plugin. The vulnerability arises because the variable $IP_ATTACK (from argv[1]) is directly interpolated into NETCONF set-configuration commands without validation, allowing an attacker-controlled I...

8.1CVSS6AI score0.00234EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/26 12:0 a.m.22 views

CVE-2026-48687

CVE-2026-48687 affects FastNetMon Community Edition up to 1.2.9, specifically the Juniper router integration plugin. The OS command injection stems from the PHP file src/juniper_plugin/fastnetmon_juniper.php (log function) which builds shell commands by concatenating unsanitized user data from ar...

9.8CVSS6AI score0.01645EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/26 12:0 a.m.10 views

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

9.8CVSS6AI score0.01645EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/05/26 12:0 a.m.11 views

CVE-2026-48694

FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...

8.1CVSS6AI score0.00234EPSS
Exploits0
Rows per page
Query Builder