Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Restricted shell evasion in Radiflow iSAP Smart Collector
Vulnerability Description
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
不充分的划分
Vulnerability Title
Radiflow iSAP Smart Collector 安全漏洞
Vulnerability Description
Radiflow iSAP Smart Collector是美国Radiflow公司的一个为工业网络设计的远程流量采集与转发设备。 Radiflow iSAP Smart Collector存在安全漏洞,该漏洞源于绕过rbash限制,可能导致获取完整Linux shell。
CVSS Information
N/A
Vulnerability Type
N/A