Intumit: >> Smartrobot >> 7.1.0 Security Vulnerabilities
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-04-14
A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code.
CVSS Score
9.3
EPSS Score
0.007
Published
2024-12-26