- Description
- A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code.
- Source
- ART@zuso.ai
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- ART@zuso.ai
- CWE-94
- Hype score
- Not currently trending
CVE-2024-12652 Authenticated Code Injection Vulnerability in SmartRobot AI Platform Pre-v7.2.0 A Code Injection vulnerability exists in SmartRobot's Conversational AI Platform before v7.2.0. It is found in the gr... https://t.co/lFS4XIj4X5
@VulmonFeeds
26 Dec 2024
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12652 A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows re… https://t.co/rQikBpykdM
@CVEnew
26 Dec 2024
555 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-12652: CRITICAL] Vulnerability in SmartRobot's Conversational AI Platform allows code injection, enabling remote users to execute system commands. Update to version v7.2.0 to patch this issue.#cybersecurity,#vulnerability https://t.co/OIFkNpTaOg https://t.co/LHybXf9Y2J
@CveFindCom
26 Dec 2024
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes