FastNetMon
- Affected versions: <= 1.2.9
A vulnerability exists in FastNetMon Community Edition versions through 1.2.9, where the gRPC API server listens on port 50052 without any authentication. The server is started with insecure (plaintext, unauthenticated) gRPC credentials, so anyone who can reach the port can call its critical functions. This allows an attacker with local network access to manipulate BGP route announcements, disrupt DDoS mitigation, and execute external scripts, potentially leading to severe network disruptions.
Exploitation of this vulnerability allows for unauthorized BGP route manipulation, DDoS mitigation disruption, and arbitrary script execution, with the potential for those scripts to execute commands on the server.
Users can update to FastNetMon Community Edition version 1.2.10 or later, where this vulnerability has been addressed. For those unable to update, it is recommended to disable the gRPC API or restrict its access to trusted networks.
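One way to audit a host for the exposure described above, as an added example that is not part of the advisory or of FastNetMon's own code: it parses `ss -tlnp` style output (the sample below is constructed) and reports any listener on port 50052 that is bound beyond loopback, i.e. reachable from the local network the advisory mentions, which is the condition the "restrict access to trusted networks" mitigation is meant to remove.

```python
import ipaddress
import re

# Port on which FastNetMon CE <= 1.2.9 exposes its unauthenticated gRPC API (from the advisory).
FASTNETMON_GRPC_PORT = 50052

# Constructed sample in the shape of `ss -tlnp` output; not captured from a real host.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:50052       0.0.0.0:*         users:(("fastnetmon",pid=1234,fd=7))
LISTEN 0      128    127.0.0.1:50052     0.0.0.0:*         users:(("fastnetmon",pid=1234,fd=8))
LISTEN 0      4096   [::]:22             [::]:*            users:(("sshd",pid=800,fd=3))
"""

# Matches "LISTEN <recv-q> <send-q> <local-addr>:<port> " and captures address and port.
_LOCAL_RE = re.compile(r"^LISTEN\s+\d+\s+\d+\s+(\S+):(\d+)\s")


def _is_loopback(host: str) -> bool:
    """True only for addresses that are provably loopback (127.0.0.0/8, ::1)."""
    host = host.strip("[]")          # ss prints IPv6 addresses in brackets
    if host in ("*", ""):            # wildcard bind: reachable on every interface
        return False
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False                 # hostname or unparsable: do not assume it is local


def exposed_grpc_listeners(ss_output: str, port: int = FASTNETMON_GRPC_PORT) -> list[str]:
    """Return 'address:port' for every listener on `port` that is not bound to loopback."""
    exposed = []
    for line in ss_output.splitlines():
        m = _LOCAL_RE.match(line)
        if not m or int(m.group(2)) != port:
            continue
        host = m.group(1)
        if not _is_loopback(host):
            exposed.append(f"{host}:{port}")
    return exposed


if __name__ == "__main__":
    # On a real host: exposed_grpc_listeners(subprocess.check_output(["ss", "-tlnp"], text=True))
    for listener in exposed_grpc_listeners(SAMPLE_SS_OUTPUT):
        print(f"gRPC API reachable beyond loopback on {listener}")
```

A non-empty result on a 1.2.9 or older install means the unauthenticated API is reachable from the network; the remediation is upgrading to 1.2.10 or, failing that, binding the API to loopback or filtering port 50052 at the host firewall.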