CVE-2025-27028 Information

Description

The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content including files belonging to other users and having restricted access (like for example the root password hash).

Reference

https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27028

Related CNNVD

CNNVD-202507-1275 (Published: 2025-07-09)