CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-12652

A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.9%

CVSS Severity

CVSS v3 Score 8.8

References

https://zuso.ai/advisory/za-2024-13

Products affected by CVE-2024-12652

Intumit » Smartrobot » Version: N/A

cpe:2.3:a:intumit:smartrobot:-
Intumit » Smartrobot » Version: 6.0.0-202012tw

cpe:2.3:a:intumit:smartrobot:6.0.0-202012tw
Intumit » Smartrobot » Version: 6.2.0-202303tw

cpe:2.3:a:intumit:smartrobot:6.2.0-202303tw
Intumit » Smartrobot » Version: 7.1.0

cpe:2.3:a:intumit:smartrobot:7.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-12652

Products

Pricing

Contact Us