| Titel | nextlevelbuilder GoClaw 3.13.2 OS Command Injection (CWE-78) |
|---|
| Beschreibung | # Technical Details
An OS Command Injection vulnerability exists in the `matchesAllowlist` method in `internal/tools/exec_approval.go` of GoClaw.
The application fails to normalize or segment shell chains before approval. The documented `POST /v1/tools/invoke` API accepts user-controlled `args.command`, `ExecApprovalManager.CheckCommand()` authorizes the request if the first token matches the allowlist, and `ExecTool.Execute()` later executes the unchanged command string with `/bin/sh -c` on POSIX systems. As a result, a payload like `echo allowlisted && touch /path/to/canary` is approved because the first token is `echo`, but the shell also executes the second command segment.
# Vulnerable Code
File: internal/tools/exec_approval.go
Method: matchesAllowlist
Why: The allowlist compares only `extractBin(command)` to configured patterns. After that, `internal/tools/shell.go` calls `executeOnHost(ctx, command, cwd)` and `exec.Command(shellPath, "-c", command)`, so shell operators such as `&&` remain interpreted by the host shell.
# Reproduction
1. Configure GoClaw `3.13.2` with the built-in `exec` tool enabled, `tools.execApproval.security="allowlist"`, `tools.execApproval.ask="off"`, and an allowlist containing `echo`.
2. Submit `POST /v1/tools/invoke` with `args.command` set to `echo allowlisted && touch /path/to/canary`.
3. Confirm that a direct `touch /path/to/canary` request is denied but the chained payload is accepted and creates the canary file.
# Impact
- Authenticated operators can execute non-allowlisted host commands by chaining them after an allowlisted prefix.
- This permits unauthorized file creation, modification, follow-on payload staging, and broader host-side command execution. |
|---|
| Quelle | ⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1208 |
|---|
| Benutzer | Eric-e (UID 97581) |
|---|
| Einreichung | 11.06.2026 10:39 (vor 1 Monat) |
|---|
| Moderieren | 13.07.2026 19:24 (1 month later) |
|---|
| Status | Duplikat |
|---|
| VulDB Eintrag | 378127 [nextlevelbuilder GoClaw 3.11.3 exec_approval.go ExecApprovalManager.CheckCommand erweiterte Rechte] |
|---|
| Punkte | 0 |
|---|