Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (VulnCheck) · only source for this CVE.
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests to ticket endpoints. Attackers can exploit insufficient access control checks on the /v1/leases/:id/code/ticket, /v1/leases/:id/webvnc/ticket, and /v1/leases/:id/egress/ticket endpoints to obtain bridge-agent tickets and impersonate trusted lease-side bridges despite having only visibility permissions.
AnalysisAI
Privilege escalation in Crabbox versions prior to v0.12.0 allows authenticated users with visibility-only permissions to escalate privileges and obtain code execution, remote desktop access, and data exfiltration capabilities. By directly invoking three unprotected ticket-generation endpoints (/v1/leases/:id/code/ticket, /v1/leases/:id/webvnc/ticket, /v1/leases/:id/egress/ticket), attackers can obtain bridge-agent credentials and impersonate trusted lease-side bridges, bypassing intended read-only access restrictions. The vulnerability was patched in v0.12.0 (commit 95cb30dc) following VulnCheck disclosure. CVSS 8.6 (High) reflects network-accessible exploitation requiring only low-privilege authentication with low attack complexity. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, though the attack is straightforward for authenticated insiders.
Technical ContextAI
Crabbox is an infrastructure management platform (openclaw/crabbox) that orchestrates ephemeral compute leases across cloud providers with role-based visibility controls. The vulnerability stems from CWE-639 (Authorization Bypass Through User-Controlled Key), where the application fails to validate whether the authenticated user's permission level (visibility-only vs. full control) authorizes privileged operations before issuing bridge-agent tickets. The affected endpoints generate time-limited JWT or session tokens for three critical lease-side services: Code (remote code execution/shell access), WebVNC (remote desktop/graphical access), and Egress (data exfiltration/network bridge). According to CPE cpe:2.3:a:openclaw:crabbox:*:*:*:*:*:*:*:*, all versions before v0.12.0 are vulnerable. The CVSS vector (AV:N/AC:L/PR:L) indicates the endpoints are remotely accessible via network APIs with no additional complexity barriers once a low-privilege user authenticates. The attack surface exists wherever Crabbox deployments implement shared visibility permissions, a common pattern in multi-tenant or team-based infrastructure-as-code workflows.
RemediationAI
Upgrade immediately to Crabbox v0.12.0 or later from https://github.com/openclaw/crabbox/releases/tag/v0.12.0, which contains the authorization fix in commit 95cb30dc7dbaa1fef690a42ef6ac1cb6e307a191 per pull request https://github.com/openclaw/crabbox/pull/71. For environments unable to upgrade immediately, implement network-level access controls to restrict API endpoint access (/v1/leases/:id/code/ticket, /v1/leases/:id/webvnc/ticket, /v1/leases/:id/egress/ticket) to only fully-privileged users through reverse proxy rules or API gateway policies, though this workaround does not address the underlying authorization flaw and may break legitimate visibility-only workflows. Audit existing lease access logs for POST requests to the three ticket endpoints from users with visibility-only permissions to detect potential historical exploitation. Review and rotate any bridge-agent credentials or session tokens that may have been obtained by unauthorized users. No configuration-only mitigation fully resolves the vulnerability; code upgrade is required for complete remediation.
Crabbox versions before 0.12.0 leak local secrets through environment variable forwarding during remote command executio
Authentication bypass in Crabbox versions prior to v0.12.0 allows authenticated attackers with shared-token access to im
Authentication bypass in Crabbox coordinator allows privilege escalation to full admin access. Attackers holding valid l
Path traversal in Crabbox <0.9.0 allows local attackers to delete or overwrite arbitrary files via malicious .crabbox.ya
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30419
GHSA-23m9-rr4p-xpwh