SecuriTricks - CVE-2026-48682

Description

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple_packet_parser_ng.cpp, after validating that the packet contains at least sizeof(ipv4_header_t) bytes (20 bytes), the code advances the local_pointer by '4 * ipv4_header->get_ihl()' (line 164) without validating that (a) IHL >= 5 (the minimum valid value per RFC 791), or (b) 4 * IHL bytes are actually available in the packet. The IHL field is 4 bits, allowing values 0-15, so the advance can be 0-60 bytes. An IHL value of 15 with only 20 bytes validated causes a 40-byte over-read. An IHL of 0-4 causes the pointer to not advance past the IP header, resulting in the TCP/UDP header being parsed from IP header data (type confusion). This vulnerability is reachable via any packet capture interface.

Product(s) Impacted

Vendor	Product	Versions
Fastnetmon	Fastnetmon Community Edition	*

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	fastnetmon	fastnetmon_community_edition	/	/	/	/	/	/	/	/

References

https://github.com/pavel-odintsov/fastnetmon

https://github.com/pavel-odintsov/fastnetmon/blob/master/src/simple_packet_parser_ng.cpp

https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48682-ipv4-parser-oob

Timeline

Published: June 2, 2026, 8:16 p.m.
Last Modified: June 3, 2026, 6:16 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

CVE-2026-48682