RADIUS packet decode (response)

--------------------------------------
Raw packet data (length = 51).....
02 05 00 33 66 4a e9 19 30 f7 68 ac 59 93 e3 0f     |  ...3fJ..0.h.Y...
2e ae 98 fe 06 06 00 00 00 01 1a 19 00 00 00 09    |  ................
01 13 73 68 65 6c 6c 3a 70 72 69 76 2d 6c 76 6c   |  ..shell:priv-lvl
3d 31 35                                                                    |  =15

Parsed packet data.....
Radius: Code = 2 (0x02)
Radius: Identifier = 5 (0x05)
Radius: Length = 51 (0x0033)
Radius: Vector: 664AE91930F768AC5993E30F2EAE98FE
Radius: Type = 6 (0x06) Service-Type
Radius: Length = 6 (0x06)
Radius: Value (Hex) = 0x1
Radius: Type = 26 (0x1A) Vendor-Specific
Radius: Length = 25 (0x19)
Radius: Vendor ID = 9 (0x00000009)
Radius: Type = 1 (0x01) Cisco-AV-pair
Radius: Length = 19 (0x13)
Radius: Value (String) = 
73 68 65 6c 6c 3a 70 72 69 76 2d 6c 76 6c 3d 31    |  shell:priv-lvl=1
35                                                                               |  5
rad_procpkt: ACCEPT
RADIUS_ACCESS_ACCEPT: normal termination
RADIUS_DELETE
remove_req 0x4032358 session 0x7d4 id 5
free_rip 0x4032358
radius: send queue empty

As you can see it is getting the shell:priv-lvl=15 but the user then has privilege level 1, as shown in the following output:
retna-fw> sh curpriv
Username : admin
Current privilege level : 1
Current Mode/s : P_UNPR
retna-fw>