Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-3498

Summary
Assigner-ENISA
Assigner Org ID-a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
Published At-09 Jul, 2025 | 08:53
Updated At-09 Jul, 2025 | 13:20
Rejected At-
Credits

Unauthenticated modification of Radiflow iSAP Smart Collector configuration

An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the configuration and execute some commands (e.g., system reboot).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ENISA
Assigner Org ID:a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
Published At:09 Jul, 2025 | 08:53
Updated At:09 Jul, 2025 | 13:20
Rejected At:
▼CVE Numbering Authority (CNA)
Unauthenticated modification of Radiflow iSAP Smart Collector configuration

An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the configuration and execute some commands (e.g., system reboot).

Affected Products
Vendor
Radiflow
Product
iSAP Smart Collector
Platforms
  • Linux
Default Status
unaffected
Versions
Affected
  • From 1.20 before 3.02-1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306: Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-306
Description: CWE-306: Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cvcn.gov.it/cvcn/cve/CVE-2025-3498
government-resource
Hyperlink: https://www.cvcn.gov.it/cvcn/cve/CVE-2025-3498
Resource:
government-resource
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
Published At:09 Jul, 2025 | 09:15
Updated At:10 Jul, 2025 | 13:17

An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the configuration and execute some commands (e.g., system reboot).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
Type: Secondary
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-306Secondarya6d3dc9e-0591-4a13-bce7-0f5b31ff6158
CWE ID: CWE-306
Type: Secondary
Source: a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.cvcn.gov.it/cvcn/cve/CVE-2025-3498a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
N/A
Hyperlink: https://www.cvcn.gov.it/cvcn/cve/CVE-2025-3498
Source: a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

3Records found
CVE-2019-11684
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.9||CRITICAL
EPSS-0.21% / 42.64%
||
7 Day CHG~0.00%
Published-26 Feb, 2021 | 15:05
Updated-17 Sep, 2024 | 01:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in Bosch Video Recording Manager

Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM.

Action-Not Available
Vendor-n/aRobert Bosch GmbH
Product-divar_ip_5000video_recording_managerdivar_ip_5000_firmwarevideo_management_systemn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-22192
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.06% / 18.70%
||
7 Day CHG~0.00%
Published-13 Mar, 2026 | 01:18
Updated-22 Apr, 2026 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Voltronic Power SNMP Web Pro 1.1 Authentication Bypass via localStorage

Voltronic Power SNMP Web Pro version 1.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to access privileged management functions by manipulating browser localStorage values. Attackers can modify client-side authentication state to bypass server-side access controls and gain unauthorized access to protected management functionality without valid credentials.

Action-Not Available
Vendor-gvectorsVoltronic Power
Product-wpdiscuzSNMP Web Pro
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-32764
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-9.9||CRITICAL
EPSS-0.19% / 40.84%
||
7 Day CHG~0.00%
Published-26 Apr, 2024 | 15:00
Updated-10 Dec, 2025 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
myQNAPcloud Link

A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following version: myQNAPcloud Link 2.4.51 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-myqnapcloud_linkmyQNAPcloud Linkmyqnapcloud_link
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-346
Origin Validation Error
CWE ID-CWE-749
Exposed Dangerous Method or Function
Details not found