CNNVD-202507-1279 Information

CNNVD ID

CNNVD-202507-1279

Related CVE

CVE-2025-3499

• CNNVD Published: 2025-07-09

Description (Chinese)

Radiflow iSAP Smart Collector是美国Radiflow公司的一个为工业网络设计的远程流量采集与转发设备。 Radiflow iSAP Smart Collector存在安全漏洞，该漏洞源于管理网络上的未认证REST API存在OS命令注入，可能导致攻击者执行任意命令。

Description (English)

Radiflow iSAP Smart Collector is a remote-flow capture and forwarding device designed for industrial networks by Radiflow, a United States company. There is a security loophole in Radiflow iSAP Smart Collator, which stems from the injection of an uncertified REST API order on the management network, which could lead the attackers to execute an arbitrary order.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Radiflow

Published

2025-07-09

Last Modified

2026-02-24

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2025-3499