Skip to main content
CVE Vulnerability Database

CVE-2025-3572: Intumit SmartRobot SSRF Vulnerability

CVE-2025-3572 is a Server-Side Request Forgery flaw in Intumit SmartRobot that enables unauthenticated attackers to probe internal networks and access local files. This article covers technical details, affected versions, and mitigation.

Updated:

CVE-2025-3572 Overview

CVE-2025-3572 is a Server-Side Request Forgery (SSRF) vulnerability in INTUMIT SmartRobot. Unauthenticated remote attackers can abuse the flaw to probe internal network resources and read arbitrary local files on the affected server. The vulnerability is tracked under CWE-918: Server-Side Request Forgery and exposes confidential data to attackers operating across the network. Taiwan's TWCERT coordinated the disclosure through advisories 10064 and 10065.

Critical Impact

Unauthenticated attackers can pivot through SmartRobot to reach internal-only systems and exfiltrate local files, bypassing perimeter network controls.

Affected Products

  • INTUMIT SmartRobot (all versions prior to the vendor-supplied fix)
  • Deployments exposing the SmartRobot service to untrusted networks
  • Environments where SmartRobot can reach sensitive internal hosts or local filesystem resources

Discovery Timeline

  • 2025-04-14 - CVE-2025-3572 published to the National Vulnerability Database
  • 2026-03-02 - Last updated in NVD database

Technical Details for CVE-2025-3572

Vulnerability Analysis

The vulnerability allows a remote attacker to coerce the SmartRobot server into issuing HTTP or file-protocol requests to attacker-chosen destinations. Because the request originates from the server, it inherits network trust normally reserved for internal services. Attackers use this trust to enumerate internal hosts, query metadata endpoints, and retrieve files accessible to the SmartRobot process.

The flaw requires no authentication and no user interaction. Exploitation is reachable over the network with low complexity, which expands the attack surface to any actor with connectivity to the SmartRobot endpoint. Confidentiality is the primary loss: the server's responses can include internal service banners, configuration data, and local file contents.

Root Cause

SmartRobot accepts URL or resource parameters from clients and dispatches outbound requests without validating the target. The application does not enforce an allow-list of hosts, restrict URL schemes, or block access to loopback, link-local, and private address ranges. The handler also fails to disable use of the file:// scheme, which permits direct reads from the local filesystem within the SmartRobot service account's permissions.

Attack Vector

An attacker submits a crafted request containing a URL pointing to an internal IP, a cloud metadata endpoint, or a file:// path. SmartRobot fetches the resource and returns the response content or observable error timing to the attacker. Repeated requests enable internal port scanning, service fingerprinting, and retrieval of files such as configuration data or credentials reachable to the service process. Refer to the TWCERT Security Advisory 10065 for vendor-coordinated details.

Detection Methods for CVE-2025-3572

Indicators of Compromise

  • Outbound HTTP requests from the SmartRobot server to internal RFC1918 addresses, loopback, or cloud metadata endpoints such as 169.254.169.254
  • SmartRobot process accessing local files outside its expected working directories, including /etc/passwd, configuration files, or credential stores
  • Unusual response sizes or latencies in SmartRobot request logs indicating port-scan-style probing
  • Inbound requests containing URL parameters with file://, gopher://, or internal hostnames

Detection Strategies

  • Inspect SmartRobot application logs for user-supplied URL parameters referencing private address ranges or non-HTTP schemes
  • Correlate egress firewall logs against the SmartRobot host to identify unexpected internal destinations
  • Deploy web application firewall rules that flag SSRF payload patterns in request bodies and query strings

Monitoring Recommendations

  • Enable verbose request logging on SmartRobot and forward logs to a centralized SIEM for retention and correlation
  • Alert on any SmartRobot-originated traffic targeting cloud instance metadata services or directory services
  • Baseline normal SmartRobot outbound traffic and trigger on deviations in destination, volume, or protocol

How to Mitigate CVE-2025-3572

Immediate Actions Required

  • Apply the vendor patch referenced in the TWCERT advisories as soon as it is available in your environment
  • Restrict network egress from the SmartRobot server to only the destinations required for business operation
  • Place SmartRobot behind a reverse proxy or WAF that filters request parameters containing URLs or file paths
  • Rotate any credentials or secrets reachable from the SmartRobot host filesystem if compromise is suspected

Patch Information

INTUMIT has issued fixed builds coordinated through TWCERT. Administrators should consult the TWCERT Security Advisory 10064 and the English advisory 10065 for the specific fixed version and upgrade procedure. Upgrade all SmartRobot instances and verify the version after deployment.

Workarounds

  • Block the file://, gopher://, dict://, and ftp:// schemes at the application or proxy layer until patching completes
  • Implement an outbound allow-list firewall policy that denies SmartRobot connections to RFC1918, loopback, and link-local ranges
  • Disable or remove SmartRobot features that accept user-controlled URLs if they are not required
bash
# Example egress restriction using iptables to block SSRF targets
iptables -A OUTPUT -m owner --uid-owner smartrobot -d 127.0.0.0/8 -j REJECT
iptables -A OUTPUT -m owner --uid-owner smartrobot -d 10.0.0.0/8 -j REJECT
iptables -A OUTPUT -m owner --uid-owner smartrobot -d 172.16.0.0/12 -j REJECT
iptables -A OUTPUT -m owner --uid-owner smartrobot -d 192.168.0.0/16 -j REJECT
iptables -A OUTPUT -m owner --uid-owner smartrobot -d 169.254.0.0/16 -j REJECT

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.