Workclaw
OS command injection in haojing8312 WorkClaw up to version 0.6.4 allows a low-privileged remote attacker to bypass the application's blacklist-based command filter and execute arbitrary operating system commands. The flaw resides in the `is_dangerous` function within the Rust/Tauri agent's bash tool (`apps/runtime/src-tauri/src/agent/tools/bash.rs`), where an incomplete blacklist fails to block crafted payloads. A publicly available proof-of-concept exploit is documented in a GitHub issue report; no vendor patch has been released, as the project has not responded to the disclosure.
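The root cause above is a denylist that tries to enumerate dangerous input. As an added illustration (not WorkClaw's code; the names `check_command`, `build_process` and `ALLOWED_PROGRAMS` are hypothetical), the hardened shape of such a gate enumerates what is permitted instead and never hands the string to a shell:

```rust
// Added example, not from the WorkClaw project: allowlist-based gate for an
// agent "bash tool", as a hardened alternative to an is_dangerous denylist.
use std::collections::HashSet;
use std::process::Command;

/// Programs the tool may launch. Everything else is rejected, so the accepted
/// set is enumerated rather than the forbidden one (hypothetical list).
const ALLOWED_PROGRAMS: &[&str] = &["ls", "cat", "grep", "wc"];

/// Characters that only carry meaning for a shell. The tool never invokes a
/// shell, but refusing them keeps the argument vector simple to audit.
const SHELL_META: &[char] = &['|', '&', ';', '$', '`', '<', '>', '(', ')', '\n', '\\', '\'', '"'];

#[derive(Debug, PartialEq)]
pub enum Verdict {
    Allowed(Vec<String>),
    Rejected(&'static str),
}

/// Split on whitespace, require the first token to be an allowlisted program,
/// and refuse any token that carries a shell metacharacter.
pub fn check_command(input: &str) -> Verdict {
    let allowed: HashSet<&str> = ALLOWED_PROGRAMS.iter().copied().collect();
    let argv: Vec<String> = input.split_whitespace().map(String::from).collect();
    let program = match argv.first() {
        Some(p) => p,
        None => return Verdict::Rejected("empty command"),
    };
    if !allowed.contains(program.as_str()) {
        return Verdict::Rejected("program not in allowlist");
    }
    if argv.iter().any(|t| t.chars().any(|c| SHELL_META.contains(&c))) {
        return Verdict::Rejected("shell metacharacter in argument");
    }
    Verdict::Allowed(argv)
}

/// Build the process from argv directly: no `sh -c`, so the OS never parses
/// the input as a script even if the check above were to regress.
pub fn build_process(argv: &[String]) -> Command {
    let mut cmd = Command::new(&argv[0]);
    cmd.args(&argv[1..]);
    cmd
}

fn main() {
    match check_command("ls -la /tmp") {
        Verdict::Allowed(argv) => println!("would run: {:?}", build_process(&argv)),
        Verdict::Rejected(why) => eprintln!("rejected: {why}"),
    }
}
```

The decision is made on a parsed argument vector, so a denylist omission cannot turn into execution of an unlisted binary or a shell-interpreted string.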