Droidclaw
Missing brute-force protection on the claim endpoint in unitedbyai droidclaw (all versions up to 0.5.3) allows unauthenticated remote attackers to submit unlimited authentication attempts against the device pairing flow, potentially enumerating or compromising pairing credentials. The root cause is CWE-307: there is no rate limiting or lockout logic in server/src/routes/pairing.ts. A publicly available proof-of-concept exploit exists (hosted on GitHub Gist), though high attack complexity and low confidentiality impact constrain the real-world severity. No patch has been released; the vendor has not responded to the responsible disclosure filed via GitHub issue #14.
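The kind of lockout logic the advisory says pairing.ts lacks, as an added example that is not droidclaw's own code: a per-key failure counter with a sliding window and a lockout period, wrapped around a constant-time pairing-code check. The thresholds, pairing code and client keys are constructed placeholders.

```typescript
// Added example, not droidclaw's own code: the lockout logic that CWE-307 says
// the claim route lacks. Thresholds, codes and client keys are constructed.
type ClaimResult = "paired" | "rejected" | "locked_out";
interface LimiterOptions { maxFailures: number; windowMs: number; lockoutMs: number }
interface Bucket { failures: number[]; lockedUntil: number }

class PairingAttemptLimiter {
  private buckets = new Map<string, Bucket>();
  constructor(private opts: LimiterOptions) {}

  // May this key (client IP or device id) attempt a claim right now?
  isAllowed(key: string, now: number): boolean {
    const b = this.buckets.get(key);
    return b === undefined || b.lockedUntil <= now;
  }

  // Count a failure; once maxFailures land inside windowMs, lock the key out.
  recordFailure(key: string, now: number): void {
    const b = this.buckets.get(key) ?? { failures: [], lockedUntil: 0 };
    b.failures = b.failures.filter((t) => now - t < this.opts.windowMs);
    b.failures.push(now);
    if (b.failures.length >= this.opts.maxFailures) {
      b.lockedUntil = now + this.opts.lockoutMs;
      b.failures = [];
    }
    this.buckets.set(key, b);
  }

  reset(key: string): void { this.buckets.delete(key); }
}

// Constant-time comparison: pairing codes have a fixed length, so only the
// per-character mismatch must not leak through response timing.
function codesMatch(submitted: string, expected: string): boolean {
  if (submitted.length !== expected.length) return false;
  let diff = 0;
  for (let i = 0; i < expected.length; i++) diff |= submitted.charCodeAt(i) ^ expected.charCodeAt(i);
  return diff === 0;
}

// Hardened claim handler: refuse locked-out keys before touching the code,
// count failures, and clear the counter once pairing succeeds. Without the
// limiter, every request is a fresh guess, which is the reported bug.
function handleClaim(limiter: PairingAttemptLimiter, key: string,
                     submitted: string, expected: string, now: number): ClaimResult {
  if (!limiter.isAllowed(key, now)) return "locked_out";
  if (codesMatch(submitted, expected)) { limiter.reset(key); return "paired"; }
  limiter.recordFailure(key, now);
  return "rejected";
}
```

In a real route the key would come from the request (source address or a device identifier) and the lockout state should live in shared storage so it survives restarts and multiple server instances.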