Intumit Smartrobot
5 CVEs affecting Intumit Smartrobot. Latest disclosed: 2025-04-14. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2413 | Critical | 9.8 | 2024-03-13 | Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string composed of the user's name and timest… |
CVE-2024-0552 | Critical | 9.8 | 2024-01-15 | Intumit inc. SmartRobot's web framwork has a remote code execution vulnerability. An unauthorized remote attacker can exploit this vulnerability to execute arb… |
CVE-2024-12652 | High | 8.8 | 2024-12-26 | A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 al… |
CVE-2025-3572 | High | 7.5 | 2025-04-14 | SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access ar… |
CVE-2024-8776 | Medium | 6.1 | 2024-09-16 | SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the paramet… |