| Titel | nextlevelbuilder GoClaw 3.13.2 Incorrect Authorization (CWE-863) |
|---|
| Beschreibung | # Technical Details
An Exec Approval Bypass via BusyBox-wrapped `allow-always` exists in the `RequestApproval()` method in `internal/tools/exec_approval.go` of GoClaw.
The application's approval cache persists `allow-always` decisions using only `extractBin(command)`, which returns the basename of the first token (e.g., `busybox`). This means once an operator permanently approves one BusyBox-wrapped shell command (`busybox sh -c 'echo warmup-ok'`), all subsequent `busybox sh -c ...` payloads bypass re-approval because they resolve to the same cache key.
# Vulnerable Code
File: internal/tools/exec_approval.go
Method: RequestApproval() and matchesAllowlist()
Why: `RequestApproval()` persists `allow-always` using only `extractBin(command)` which returns `filepath.Base(fields[0])`. `matchesAllowlist()` later checks only that same extracted basename. For `/usr/bin/busybox sh -c '...'`, the stored trust key is `busybox`, and any subsequent `busybox sh -c '<arbitrary payload>'` matches the same key, executing without new approval.
# Reproduction
1. Configure GoClaw with `tools.execApproval.security=full` and `ask=on-miss`.
2. Approve `/usr/bin/busybox sh -c 'echo warmup-ok'` with `allow-always` via the WebSocket approval endpoint.
3. Invoke `/usr/bin/busybox sh -c 'id > marker'` via `POST /v1/tools/invoke`.
4. Observe: no second approval event, HTTP 200 returned, and `marker` file contains `uid=0(root)`.
5. Control test: repeat with `allow-once` — a second approval event fires, denial returns HTTP 400, no marker file created.
# Impact
- Arbitrary command execution with the GoClaw process's host privileges after a single BusyBox approval
- Workspace file read/write and tampering
- Credential, config, source, or token extraction from the host environment
- Follow-on system compromise depending on deployment context |
|---|
| Quelle | ⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1212 |
|---|
| Benutzer | Erichen (UID 98955) |
|---|
| Einreichung | 12.06.2026 10:39 (vor 1 Monat) |
|---|
| Moderieren | 17.07.2026 17:57 (1 month later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 379828 [nextlevelbuilder GoClaw bis 3.13.2 WebSocket Approval Endpoint exec_approval.go RequestApproval erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|