Radiflow Isap Smart Collector vulnerabilities
7 known vulnerabilities affecting radiflow/isap_smart_collector.
Total CVEs: 7
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 2, MEDIUM 2
Vulnerabilities (page 1 of 1)
Row format: CVE | Priority | Severity | CVSS | Affected versions | (unlabelled column in source) | Published
CVE-2025-3499 | P2 | CRITICAL | CVSS 10.0 | ≥ 1.20, < 3.02 | -1 | 2025-07-09
CWE-78 (OS command injection): The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these APIs, an attacker can send arbitrary commands that are executed with administrative permissions by the underlying operating system.
Source: NVD
CVE-2025-3498 | P2 | CRITICAL | CVSS 9.9 | ≥ 1.20, < 3.02 | -1 | 2025-07-09
CWE-306 (missing authentication for critical function): An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the conf
Source: NVD
CVE-2026-22313 | P2 | CRITICAL | CVSS 9.1 | v3.07 | -1 | 2026-06-16
CWE-78 (OS command injection): The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability, an authenticated attacker can send arbitrary commands to the device that are executed with administrative permissions by the underlying operating system.
Source: NVD
CVE-2026-22312 | P2 | HIGH | CVSS 8.6 | v3.07 | -1 | 2026-06-16
CWE-798 (use of hard-coded credentials): The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands (e.g. system reboot).
Source: NVD
CVE-2025-3497 | P3 | HIGH | CVSS 8.7 | ≥ 1.20, < 3.02 | -1 | 2025-07-09
CWE-1104 (use of unmaintained third-party components): The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product.
Source: NVD
CVE-2025-27028 | P3 | MEDIUM | CVSS 6.8 | ≥ 1.20, < 3.02 | -1 | 2025-07-09
CWE-266 (incorrect privilege assignment): The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access (like, for example, the root password hash).
Source: NVD
CVE-2025-27027 | P4 | MEDIUM | CVSS 4.1 | ≥ 1.20, < 3.02 | -1 | 2025-07-09
CWE-653 (improper isolation or compartmentalization): A user with vpuser credentials who opens an SSH connection to the device gets a restricted shell (rbash) that allows only a small list of permitted commands. This vulnerability enables the user to obtain a full-featured Linux shell, bypassing the rbash restrictions.
Source: NVD