Goclaw
Monthly
Missing authentication in GoClaw's Webhook Verification Handler allows unauthenticated remote attackers to interact with webhook endpoints without valid credentials, affecting all versions up to and including 3.11.3. The flaw resides in the `resolveAuth` function within `internal/http/auth.go`, where the authentication check can be bypassed entirely. A publicly available exploit has been disclosed (GitHub issue #1134), and the project acknowledges the issue as a bug; no confirmed patched release has been identified at time of analysis.
Missing authorization in nextlevelbuilder GoClaw up to version 3.11.3 allows low-privileged remote attackers to trigger unauthorized team task completions via the TeamTasksTool.executeComplete function. The flaw, classified as CWE-862, permits any authenticated user to bypass permission checks in the Team Task Completion Handler, falsely marking tasks as complete regardless of their authorization level. A publicly available exploit exists (referenced in GitHub issue #1133), though no public exploit confirmed in active exploitation - the vulnerability is not listed in CISA KEV, and its CVSS 4.0 score of 2.1 reflects the limited integrity-only impact.
Server-side request forgery in nextlevelbuilder GoClaw through version 3.11.3 allows remote attackers with high-privilege credentials to manipulate the TTS Configuration Import function into issuing arbitrary server-side HTTP requests to unintended destinations. The vulnerable code path is the Import function within internal/http/tts_config.go, reachable over the network without user interaction once an administrative session is established. A publicly available proof-of-concept exploit exists (confirmed by CVSS temporal metric E:P and GitHub issue #1132); no active exploitation has been confirmed by CISA KEV, and the project has characterized the report as a bug rather than a security issue, which may signal a slower remediation response.
OS command injection in nextlevelbuilder GoClaw through version 3.11.3 allows remote attackers to execute arbitrary shell commands inside the sandbox container by supplying a crafted file path to the write_file tool. The flaw exists in FsBridge.WriteFile (internal/sandbox/fsbridge.go), which interpolated the destination path into a shell command (`sh -c "cat > <path>"`) executed via docker exec, letting shell metacharacters such as `$(...)` break out of the intended write operation. Publicly available exploit code exists and the upstream patch is still pending merge at the time of analysis, raising real-world risk despite a moderate 7.3 CVSS.
Improper authorization in GoClaw (nextlevelbuilder/goclaw) up to version 3.11.3 allows a remote low-privileged attacker to bypass authorization controls via the `auth` function in `internal/http/evolution_handlers.go`. The CVSS 4.0 score is 2.1 with limited integrity and availability impact and no confidentiality exposure. A public proof-of-concept exploit has been disclosed via a GitHub issue, though the project has not been confirmed as actively exploited in the wild per CISA KEV.
Improper privilege management in nextlevelbuilder GoClaw up to version 3.11.3 allows authenticated low-privileged users to escalate privileges via the handleSave function of the RoleAdmin Gateway component (internal/http/tts_config.go). The vulnerability is remotely exploitable over the network with no user interaction required, though a low-privilege authenticated session is a prerequisite per the CVSS:4.0 vector (PR:L). A publicly available proof-of-concept exists (published via GitHub issue #1118), but this CVE has not been added to the CISA KEV catalog. The CVSS 4.0 base score of 2.1 (LOW) reflects constrained confidentiality, integrity, and availability impact with no scope change to downstream systems.
Improper authorization in the GoClaw and GoClaw Lite RPC gateway allows unauthenticated remote attackers to invoke privileged methods including configuration exfiltration, heartbeat manipulation, and agent mutation via WebSocket connections. Versions up to 3.8.5 implement a fail-open authorization policy where unclassified RPC methods default to viewer-level access and authentication failures fall back to authenticated viewer sessions. Public exploit code exists (GitHub issue #866) demonstrating unauthorized method invocation. Vendor-released patch: version 3.9.0 implements fail-closed authorization with explicit method classification and rejects connections lacking valid credentials.
Missing authentication in GoClaw's Webhook Verification Handler allows unauthenticated remote attackers to interact with webhook endpoints without valid credentials, affecting all versions up to and including 3.11.3. The flaw resides in the `resolveAuth` function within `internal/http/auth.go`, where the authentication check can be bypassed entirely. A publicly available exploit has been disclosed (GitHub issue #1134), and the project acknowledges the issue as a bug; no confirmed patched release has been identified at time of analysis.
Missing authorization in nextlevelbuilder GoClaw up to version 3.11.3 allows low-privileged remote attackers to trigger unauthorized team task completions via the TeamTasksTool.executeComplete function. The flaw, classified as CWE-862, permits any authenticated user to bypass permission checks in the Team Task Completion Handler, falsely marking tasks as complete regardless of their authorization level. A publicly available exploit exists (referenced in GitHub issue #1133), though no public exploit confirmed in active exploitation - the vulnerability is not listed in CISA KEV, and its CVSS 4.0 score of 2.1 reflects the limited integrity-only impact.
Server-side request forgery in nextlevelbuilder GoClaw through version 3.11.3 allows remote attackers with high-privilege credentials to manipulate the TTS Configuration Import function into issuing arbitrary server-side HTTP requests to unintended destinations. The vulnerable code path is the Import function within internal/http/tts_config.go, reachable over the network without user interaction once an administrative session is established. A publicly available proof-of-concept exploit exists (confirmed by CVSS temporal metric E:P and GitHub issue #1132); no active exploitation has been confirmed by CISA KEV, and the project has characterized the report as a bug rather than a security issue, which may signal a slower remediation response.
OS command injection in nextlevelbuilder GoClaw through version 3.11.3 allows remote attackers to execute arbitrary shell commands inside the sandbox container by supplying a crafted file path to the write_file tool. The flaw exists in FsBridge.WriteFile (internal/sandbox/fsbridge.go), which interpolated the destination path into a shell command (`sh -c "cat > <path>"`) executed via docker exec, letting shell metacharacters such as `$(...)` break out of the intended write operation. Publicly available exploit code exists and the upstream patch is still pending merge at the time of analysis, raising real-world risk despite a moderate 7.3 CVSS.
Improper authorization in GoClaw (nextlevelbuilder/goclaw) up to version 3.11.3 allows a remote low-privileged attacker to bypass authorization controls via the `auth` function in `internal/http/evolution_handlers.go`. The CVSS 4.0 score is 2.1 with limited integrity and availability impact and no confidentiality exposure. A public proof-of-concept exploit has been disclosed via a GitHub issue, though the project has not been confirmed as actively exploited in the wild per CISA KEV.
Improper privilege management in nextlevelbuilder GoClaw up to version 3.11.3 allows authenticated low-privileged users to escalate privileges via the handleSave function of the RoleAdmin Gateway component (internal/http/tts_config.go). The vulnerability is remotely exploitable over the network with no user interaction required, though a low-privilege authenticated session is a prerequisite per the CVSS:4.0 vector (PR:L). A publicly available proof-of-concept exists (published via GitHub issue #1118), but this CVE has not been added to the CISA KEV catalog. The CVSS 4.0 base score of 2.1 (LOW) reflects constrained confidentiality, integrity, and availability impact with no scope change to downstream systems.
Improper authorization in the GoClaw and GoClaw Lite RPC gateway allows unauthenticated remote attackers to invoke privileged methods including configuration exfiltration, heartbeat manipulation, and agent mutation via WebSocket connections. Versions up to 3.8.5 implement a fail-open authorization policy where unclassified RPC methods default to viewer-level access and authentication failures fall back to authenticated viewer sessions. Public exploit code exists (GitHub issue #866) demonstrating unauthorized method invocation. Vendor-released patch: version 3.9.0 implements fail-closed authorization with explicit method classification and rejects connections lacking valid credentials.