CVE-2026-48695

NVD data not available for this CVE. It may be pending analysis or not yet published.

Related Intelligence (1)

NVD HIGH: CVE-2026-48695 — FastNetMon Community Edition through 1.2.9 contains an OS command injection vuln...

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The _log() function in src/mikrotik_plugin/fastnetmon_mikrotik.php (lines 107-108) constructs shell commands by concatenating the $msg parameter directly into exec() calls: exec("echo `date` \"- {FASTNETMON] - " . $msg . " \" >> " . $FILE_LOG_TMP). This is identical

CVE-2026-48695

May 26, 2026NIST NVD