Submit #857622: zevorn rt-claw 36d128f72afa0b9d40a21bcd6069b0c193a58f82 (unreleased main, post-v0.2.0) Incorrect Authorization leading to Remote Code Execution (CWE-863)info

Titelzevorn rt-claw 36d128f72afa0b9d40a21bcd6069b0c193a58f82 (unreleased main, post-v0.2.0) Incorrect Authorization leading to Remote Code Execution (CWE-863)
Beschreibung# Technical Details An Incorrect Authorization vulnerability exists in the `handle_rpc_request` method in `claw/services/swarm/swarm.c` of rt-claw. The application fails to enforce the `CLAW_TOOL_LOCAL_ONLY` policy on the swarm RPC receiver path. A remote node can send a crafted UDP RPC request with `tool_name="run_script"` and attacker-controlled JSON, and the receiver directly invokes the tool even though `run_script` is explicitly marked local-only. # Vulnerable Code File: claw/services/swarm/swarm.c Method: handle_rpc_request Why: The receiver parses the inbound payload and calls `claw_tool_invoke()` without checking the target tool flags, while the sender helper `swarm_rpc_call()` does enforce the local-only restriction. On Linux, this reaches `tool_run_script_execute` and `claw_platform_run_script`, which execute Python code. # Reproduction 1. Download `verification_test.py` and `control-normal-behavior.py` from the issue-linked gists. 2. Build the Linux target with swarm and `run_script` enabled, then run the control script first. 3. Run `python3 verification_test.py` and observe that an unauthenticated swarm RPC request invokes `run_script` and reaches Python execution on the node. # Impact - An unauthenticated remote node can bypass local-only tool restrictions. - On Linux deployments with `tool_script` enabled, this leads to arbitrary Python execution in the context of the `rtclaw` process.
Quelle⚠️ https://github.com/zevorn/rt-claw/issues/133
Benutzer
 Eric-x (UID 94869)
Einreichung13.06.2026 05:06 (vor 1 Monat)
Moderieren18.07.2026 09:29 (1 month later)
StatusAkzeptiert
VulDB Eintrag380016 [zevorn rt-claw bis 0.2.0 RPC swarm.c claw_tool_invoke erweiterte Rechte]
Punkte20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!