CVE-2025-27027— Restricted shell evasion in Radiflow iSAP Smart Collector
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-27027
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Restricted shell evasion in Radiflow iSAP Smart Collector
Source: NVD (National Vulnerability Database)
Vulnerability Description
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
不充分的划分
Source: NVD (National Vulnerability Database)
Vulnerability Title
Radiflow iSAP Smart Collector 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Radiflow iSAP Smart Collector是美国Radiflow公司的一个为工业网络设计的远程流量采集与转发设备。 Radiflow iSAP Smart Collector存在安全漏洞,该漏洞源于绕过rbash限制,可能导致获取完整Linux shell。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Radiflow | iSAP Smart Collector | 1.20 ~ 3.02-1 | - |
II. Public POCs for CVE-2025-27027
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-27027
请登录查看更多情报信息。
Same Patch Batch · Radiflow · 2025-07-09 · 5 CVEs total
| CVE-2025-3499 | 10.0 CRITICAL | Unauthenticated execution of arbitrary commands in Radiflow iSAP Smart Collector |
| CVE-2025-3498 | 9.9 CRITICAL | Unauthenticated modification of Radiflow iSAP Smart Collector configuration |
| CVE-2025-3497 | 8.7 HIGH | Radiflow iSAP Smart Collector Linux distribution unmaintained |
| CVE-2025-27028 | 6.8 MEDIUM | Read access of deprivileged Radiflow iSAP Smart Collector user |
IV. Related Vulnerabilities
Same product: iSAP Smart Collector
Same vendor: Radiflow
Same weakness: CWE-653
- CVE-2026-40968
Spring gRPC SecurityContext leaks across requests on authori - CVE-2026-5600
pretix 安全漏洞 - CVE-2026-5599
API allows deletion of users of other instance - CVE-2026-34775
Electron: nodeIntegrationInWorker not correctly scoped in sh - CVE-2026-4282
Keycloak: keycloak: privilege escalation via forged authoriz
V. Comments for CVE-2025-27027
No comments yet