Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3572

SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server.

Published

2025-04-14T03:15:17.000

Last Modified

2025-11-17T13:34:15.957

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-918

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	intumit	smartrobot_firmware	< 8.0.0	Yes
Hardware	intumit	smartrobot	-	No

References

https://www.twcert.org.tw/en/cp-139-10065-2494c-2.html Third Party Advisory ([email protected])
https://www.twcert.org.tw/tw/cp-132-10064-6346a-1.html Third Party Advisory ([email protected])