CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Intumit 2Smartrobot Smartrobot FirmwareMar 2, 2026 Apr 14, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server. |
A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system c...Show more |
1Intumit 2Smartrobot Smartrobot FirmwareMar 17, 2026 Sep 16, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks. |
1Intumit 2Smartrobot Smartrobot FirmwareMar 17, 2026 Mar 13, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string composed of the user's name and timestamp to generate an authentication code. With this authenticat...Show more |
1Intumit 2Smartrobot Smartrobot FirmwareMar 17, 2026 Jan 15, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Intumit inc. SmartRobot's web framwork has a remote code execution vulnerability. An unauthorized remote attacker can exploit this vulnerability to execute arbitrary commands on the remote server. |