GoClaw
CVE-2026-7505
MEDIUM
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
8DescriptionCVE.org
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading to version 3.9.0 mitigates this issue. Patch name: 406022e79f4a18b3070a446712080571eff11e30. You should upgrade the affected component.
AnalysisAI
Improper authorization in the GoClaw and GoClaw Lite RPC gateway allows unauthenticated remote attackers to invoke privileged methods including configuration exfiltration, heartbeat manipulation, and agent mutation via WebSocket connections. Versions up to 3.8.5 implement a fail-open authorization policy where unclassified RPC methods default to viewer-level access and authentication failures fall back to authenticated viewer sessions. Public exploit code exists (GitHub issue #866) demonstrating unauthorized method invocation. Vendor-released patch: version 3.9.0 implements fail-closed authorization with explicit method classification and rejects connections lacking valid credentials.
Technical ContextAI
GoClaw is a remote management platform using WebSocket RPC for client-server communication. The vulnerability resides in the gateway router's permission enforcement layer (internal/gateway/router.go and internal/permissions/policy.go). The flawed implementation has two critical defects mapped to CWE-285 (Improper Authorization): (1) the MethodRole() function returned RoleViewer for any method not explicitly classified, creating a default-permit policy where newly added or undocumented RPCs were accessible to any authenticated client; (2) the handleConnect() method had a fallback Path 4 that granted authenticated viewer status even when both token validation and pairing verification failed, allowing completely unauthenticated clients to establish sessions. The CPE identifiers cpe:2.3:a:nextlevelbuilder:goclaw and cpe:2.3:a:nextlevelbuilder:goclaw_lite confirm both product variants share the same codebase and vulnerability. The patch refactors authorization to fail-closed semantics: MethodRole() now returns RoleNone for unclassified methods (which the router rejects with PERMISSION_DENIED), isPublicMethod() and isReadMethod() whitelists replace the default-permit logic, and Path 4 connection fallback now explicitly rejects with protocol.ErrUnauthorized instead of granting viewer access.
RemediationAI
Upgrade to GoClaw version 3.9.0 or later immediately (https://github.com/nextlevelbuilder/goclaw/releases/tag/v3.9.0). The patch (commit 406022e79f4a18b3070a446712080571eff11e30, PR #950) implements fail-closed authorization and eliminates the authentication fallback. If immediate upgrade is infeasible, apply compensating controls with these trade-offs: (1) restrict WebSocket endpoint access to authenticated networks via firewall rules (mitigates remote unauthenticated vector but blocks legitimate remote users and does not prevent insider threats); (2) deploy reverse proxy with strict method filtering to block non-public RPC methods (requires maintaining allowlist synchronized with application updates, risks breaking legitimate functionality); (3) enable TLS client certificate authentication at the transport layer (strong authentication but requires certificate distribution infrastructure and may not integrate with existing SSO). Each workaround introduces operational overhead and does not address the root cause. Vendor patch is the only complete remediation. Verify patch deployment by testing that unauthenticated WebSocket connections receive ErrUnauthorized and that invoking previously-exposed methods like heartbeat.set or config.get returns PERMISSION_DENIED errors.
OS command injection in nextlevelbuilder GoClaw through version 3.11.3 allows remote attackers to execute arbitrary shel
Missing authentication in GoClaw's Webhook Verification Handler allows unauthenticated remote attackers to interact with
Path traversal in GoClaw 3.13.3-beta.3 allows authenticated remote attackers to read or write files outside the intended
Incorrect authorization in nextlevelbuilder GoClaw's WebSocket RPC Handler allows authenticated low-privilege remote att
Server-side request forgery in GoClaw 3.13.3-beta.3 enables authenticated remote attackers to manipulate the `output.vid
Improper authorization in GoClaw (nextlevelbuilder/goclaw) up to version 3.11.3 allows a remote low-privileged attacker
Improper privilege management in nextlevelbuilder GoClaw up to version 3.11.3 allows authenticated low-privileged users
Missing authorization in nextlevelbuilder GoClaw up to version 3.11.3 allows low-privileged remote attackers to trigger
Information disclosure in nextlevelbuilder GoClaw up to version 3.13.3-beta.3 allows remote low-privileged attackers to
GoClaw 3.11.3 by nextlevelbuilder exposes an incomplete blacklist bypass in the ExecApprovalManager.CheckCommand functio
Server-side request forgery in nextlevelbuilder GoClaw through version 3.11.3 allows remote attackers with high-privileg
Same weakness CWE-285 – Improper Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today