Skip to main content

PicoClaw CVE-2026-6987

| EUVDEUVD-2026-25663 MEDIUM
Command Injection (CWE-77)
2026-04-25 VulDB
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
CVSS changed
Apr 29, 2026 - 01:12 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
Severity Changed
Apr 25, 2026 - 17:22 NVD
HIGH MEDIUM
CVSS changed
Apr 25, 2026 - 17:22 NVD
7.3 (HIGH) 6.9 (MEDIUM)
Analysis Generated
Apr 25, 2026 - 17:15 vuln.today
EUVD ID Assigned
Apr 25, 2026 - 17:00 euvd
EUVD-2026-25663
Analysis Generated
Apr 25, 2026 - 17:00 vuln.today
CVE Published
Apr 25, 2026 - 16:45 nvd
MEDIUM 5.5

DescriptionCVE.org

A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Remote command injection in PicoClaw Web Launcher Management Plane (versions up to 0.2.4) allows unauthenticated attackers to execute arbitrary system commands via the /api/gateway/restart endpoint. CVSS 7.3 (AV:N/AC:L/PR:N/UI:N) indicates network-accessible exploitation without authentication. Proof-of-concept code exists (CVSS:E:P). Vendor has not responded to responsible disclosure (reported via GitHub issue #2307), indicating no official patch is available. The Web Launcher Management Plane component suggests this affects administrative/control interfaces, making it a high-priority target for internet-exposed deployments.

Technical ContextAI

PicoClaw is a component/framework associated with Sipeed hardware projects. This vulnerability involves CWE-77 (Command Injection), where unsanitized user input to the /api/gateway/restart endpoint is passed to system command execution functions. The affected component is described as the 'Web Launcher Management Plane,' suggesting a web-based administrative or control interface for gateway/device management. The CPE string (cpe:2.3:a:n/a:picoclaw) indicates limited standardized product tracking, complicating automated vulnerability scanning. Command injection occurs when an application constructs system commands using external input without proper validation or escaping, allowing attackers to inject additional commands using shell metacharacters (semicolons, pipes, backticks). The /api/gateway/restart endpoint likely accepts parameters that are directly concatenated into shell commands for restarting gateway services, creating the injection point.

RemediationAI

No vendor-released patch identified at time of analysis - the project maintainer (Sipeed) has not responded to responsible disclosure via GitHub issue #2307, and no fix commit or patched version beyond 0.2.4 is documented. IMMEDIATE COMPENSATING CONTROLS (critical for internet-exposed instances): (1) Block external access to /api/gateway/restart and all Web Launcher Management Plane endpoints using firewall rules or reverse proxy ACLs - restricts attack surface but prevents legitimate remote management; (2) Implement network segmentation to isolate PicoClaw management interfaces on trusted admin-only VLANs - reduces exposure but requires network architecture changes; (3) Deploy web application firewall (WAF) with command injection signatures targeting shell metacharacters in API parameters - provides detection/blocking but may generate false positives and won't stop all encoding bypasses; (4) If feasible, disable the /api/gateway/restart endpoint entirely at application or web server level if restart functionality is not operationally required - most effective mitigation but removes intended feature. Monitor GitHub repository (https://github.com/sipeed/picoclaw) and VulDB entry (https://vuldb.com/vuln/359530) for future patch announcements. Consider migrating to alternative management solutions if vendor remains unresponsive, as unpatched RCE in admin interfaces is unsustainable long-term.

Share

CVE-2026-6987 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy