| Título | Sipeed PicoClaw <= 0.2.9 Missing Authorization (CWE-862) |
|---|
| Descripción | # Technical Details
A missing authorization vulnerability exists in the Pico WebSocket command path in `pkg/channels/pico/pico.go`, `pkg/agent/agent_command.go`, and `pkg/commands/cmd_reload.go` of PicoClaw.
The application fails to restrict the privileged `/reload` command to administrative channels. Any authenticated Pico WebSocket client can send normal chat content `/reload`, which is routed into the command executor and triggers the live gateway reload callback.
# Vulnerable Code
File: `pkg/channels/pico/pico.go`
Method: `handleMessageSend`
Why: Accepts authenticated Pico `message.send` content and forwards it into the generic inbound agent pipeline.
File: `pkg/agent/agent_command.go`
Method: command dispatch path
Why: Routes any slash-prefixed inbound chat content into the command executor without checking privilege.
File: `pkg/commands/cmd_reload.go`
Method: `reloadCommand`
Why: Invokes `rt.ReloadConfig()` without channel, role, or admin authorization.
# Reproduction
1. Run PicoClaw <= 0.2.9 with the Pico channel enabled.
2. Connect to `/pico/ws` using a valid Pico token.
3. Send a `message.send` payload whose content is `/reload`.
4. Observe a response such as `Config reload triggered!`.
5. Confirm unauthenticated direct HTTP `POST /reload` remains protected with `401`, showing the chat path bypasses the intended management authorization.
# Impact
- Lets lower-privileged authenticated Pico chat clients invoke an administrative runtime action.
- Can disrupt availability by repeatedly reloading gateway configuration.
- Can interfere with administrator changes and runtime state. |
|---|
| Fuente | ⚠️ https://github.com/sipeed/picoclaw/issues/3071 |
|---|
| Usuario | Eric-i (UID 97584) |
|---|
| Sumisión | 2026-06-09 13:28 (hace 1 mes) |
|---|
| Moderación | 2026-07-09 20:07 (1 month later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 377260 [Sipeed PicoClaw hasta 0.2.9 pico.go rt.ReloadConfig message.send escalada de privilegios] |
|---|
| Puntos | 20 |
|---|