PT-2025-28859 · Radiflow · Radiflow iSAP Smart Collector

Published: 2025-07-09 · Updated: 2025-07-09 · CVE-2025-27027

CVSS v3.1: 4.1 (Medium)

Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Radiflow iSAP Smart Collector version 1.20

Description: The issue allows a user with vpuser credentials to bypass the limitations of the restricted shell (rbash) and access a full-featured Linux shell when connecting to the device via SSH. The restricted shell is meant to allow only a small list of commands; the vulnerability enables the user to overcome these restrictions.

Recommendations: For Radiflow iSAP Smart Collector version 1.20, consider restricting SSH access for the vpuser credentials until a patch is available. As a temporary workaround, limit the commands that can be executed within the restricted shell (rbash) to prevent exploitation.

Related Identifiers

CVE-2025-27027

Affected Products

Radiflow iSAP Smart Collector