What is CVE-2026-22312?

CVE-2026-22312 is a high-severity vulnerability in Radiflow Isap Smart Collector, classified under Use of Hard-coded Credentials. CVSS score: 8.6/10. Published 2026-06-16.

How severe is CVE-2026-22312?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Radiflow Isap Smart Collector

CVE-2026-22312

The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands (e.g. system re…

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L.

Affected products

Radiflow Isap Smart Collector — versions 3.07-1

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

References

a6d3dc9e-0591-4a13-bce7-0f5b31ff6158 (third-party-advisory)

Frequently asked questions

What is CVE-2026-22312?: CVE-2026-22312 is a high-severity vulnerability in Radiflow Isap Smart Collector, classified under Use of Hard-coded Credentials. CVSS score: 8.6/10. Published 2026-06-16.
How severe is CVE-2026-22312?: High severity. CVSS v3 base score is 8.6 out of 10.