CVE-2025-3498 PUBLISHED

Unauthenticated modification of Radiflow iSAP Smart Collector configuration

Assigner: ENISA
Reserved: 10.04.2025 Published: 09.07.2025 Updated: 09.07.2025

An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the configuration and execute some commands (e.g., system reboot).

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
CVSS Score: 9.9

Attack Vector	Network	Scope	Changed
Attack Complexity	Low	Confidentiality Impact	Low
Privileges Required	None	Integrity Impact	High
User Interaction	None	Availability Impact	Low

CVSS 3.1

Product Status

Vendor	Radiflow
Product	iSAP Smart Collector
Versions	Default: unaffected affected from 1.20 to 3.02-1 (excl.)

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2025-3498

Problem Types

CWE-306: Missing Authentication for Critical Function CWE