Lucene search
K
IntumitSmartrobot

5 matches found

CVE
CVE
added 2025/04/14 1:38 a.m.97 views

CVE-2025-3572

CVE-2025-3572 concerns a Server-Side Request Forgery in INTUMIT’s SmartRobot. The issue allows unauthenticated remote attackers to probe internal networks and access arbitrary local files on the server via SSRF in the affected SmartRobot component. Public listings consistently describe the vulner...

7.5CVSS7.7AI score0.0041EPSS
CVE
CVE
added 2024/12/26 4:5 a.m.50 views

CVE-2024-12652

CVE-2024-12652 affects Intumit SmartRobot’s Conversational AI Platform. A vulnerability in the groovy script function prior to v7.2.0 enables remote authenticated users to execute arbitrary system commands via Groovy code (Code Injection). This can impact availability, confidentiality, and integr...

9.3CVSS6.8AI score0.00749EPSS
CVE
CVE
added 2024/01/15 4:3 a.m.46 views

CVE-2024-0552

CVE-2024-0552 relates to a remote code execution vulnerability in Intumit inc. SmartRobot’s web framework. The most concrete details across the provided documents indicate that the issue lies in the framework’s handling in a way that allows an unauthenticated attacker to execute arbitrary command...

9.8CVSS9.8AI score0.01179EPSS
CVE
CVE
added 2024/03/13 2:51 a.m.35 views

CVE-2024-2413

CVE-2024-2413 affects Intumit SmartRobot, which uses a fixed cryptographic key for authentication. This allows remote attackers to craft an authentication code by encrypting a string of the user’s name and a timestamp, enabling administrator privileges and potential arbitrary code execution on th...

9.8CVSS10AI score0.00574EPSS
CVE
CVE
added 2024/09/16 5:39 a.m.29 views

CVE-2024-8776

CVE-2024-8776 affects Intumit SmartRobot. Root cause: insufficient validation of a page parameter enables unauthenticated remote attackers to perform reflected Cross-Site Scripting by injecting JavaScript into the parameter. Impact per sources: potential JavaScript execution in responses; CVSS 3....

6.1CVSS6.2AI score0.00288EPSS