Unknown · Omicard Edm · CVE-2023-28700
**Name of the Vulnerable Software and Affected Versions**
OMICARD EDM ITPison (affected versions not specified)
OMICARD EDM (affected versions not specified)
**Description**
The file upload function in the OMICARD EDM backend system does not restrict the upload of files with dangerous types. An attacker, potentially remote or with administrator privileges on a local area network, can exploit this to upload and run arbitrary executable files. Successful exploitation could allow the attacker to execute arbitrary system commands or disrupt the service.
**Recommendations**
For OMICARD EDM ITPison, there is currently no information about a newer version that contains a fix for this vulnerability.
For OMICARD EDM, consider restricting access to the file uploading function until a patch is available, and ensure that only authorized personnel with the necessary privileges can upload files to minimize the risk of exploitation.