
Radiflow iSAP Smart Collector vulnerabilities

7 known vulnerabilities affecting radiflow/isap_smart_collector.

Total CVEs: 7
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 2, MEDIUM 2

Vulnerabilities

CVE-2025-3499 | Priority: P2 | Severity: CRITICAL | CVSS 10.0 | Affected versions: ≥ 1.20, < 3.02 | -1 | 2025-07-09
CVE-2025-3499 [CRITICAL] CWE-78: The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these APIs, an attacker can send arbitrary commands that are executed with administrative permissions by the underlying operating system.
Source: nvd

CVE-2025-3498 | Priority: P2 | Severity: CRITICAL | CVSS 9.9 | Affected versions: ≥ 1.20, < 3.02 | -1 | 2025-07-09
CVE-2025-3498 [CRITICAL] CWE-306: An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the conf
Source: nvd

CVE-2026-22313 | Priority: P2 | Severity: CRITICAL | CVSS 9.1 | Affected versions: v3.07 | -1 | 2026-06-16
CVE-2026-22313 [CRITICAL] CWE-78: The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability, an authenticated attacker can send arbitrary commands to the device that are executed with administrative permissions by the underlying operating system.
Source: nvd

CVE-2026-22312 | Priority: P2 | Severity: HIGH | CVSS 8.6 | Affected versions: v3.07 | -1 | 2026-06-16
CVE-2026-22312 [HIGH] CWE-798: The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands (e.g. system reboot).
Source: nvd

CVE-2025-3497 | Priority: P3 | Severity: HIGH | CVSS 8.7 | Affected versions: ≥ 1.20, < 3.02 | -1 | 2025-07-09
CVE-2025-3497 [HIGH] CWE-1104: The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product.
Source: nvd

CVE-2025-27028 | Priority: P3 | Severity: MEDIUM | CVSS 6.8 | Affected versions: ≥ 1.20, < 3.02 | -1 | 2025-07-09
CVE-2025-27028 [MEDIUM] CWE-266: The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access (like, for example, the root password hash).
Source: nvd

CVE-2025-27027 | Priority: P4 | Severity: MEDIUM | CVSS 4.1 | Affected versions: ≥ 1.20, < 3.02 | -1 | 2025-07-09
CVE-2025-27027 [MEDIUM] CWE-653: A user with vpuser credentials who opens an SSH connection to the device gets a restricted shell (rbash) that allows only a small list of permitted commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.
Source: nvd