logo_clicknbuy.png

CVE-2025-27027 – Radiflow iSAP Smart Collector Rbash Bypass Vulnerability

The following table lists the changes that have been made to the
CVE-2025-27027 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • CVE Modified
    by a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

    Jul. 09, 2025

    Action Type Old Value New Value
    Changed Description Restricted shell rbash evasion in Radiflow iSAP Smart Collector (CentOS 7 – VSAP 1.20) allows the user vpuser to start a full-feature shell.

    A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.

    		 A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.
    Added CWE CWE-653
  • New CVE Received
    by a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

    Jul. 09, 2025

    Action Type Old Value New Value
    Added Description Restricted shell rbash evasion in Radiflow iSAP Smart Collector (CentOS 7 – VSAP 1.20) allows the user vpuser to start a full-feature shell.

    A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.
    Added CVSS V3.1 AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
    Added Reference https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27027
Share the Post:

Related Posts