Soumettre #856827: nextlevelbuilder GoClaw 3.13.2 Improper Authorization (CWE-285)information

Titrenextlevelbuilder GoClaw 3.13.2 Improper Authorization (CWE-285)
Description# Technical Details An Exec Approval Bypass via `sort -o` Safe-Bin Trust exists in the `isSafeBin()` method in `internal/tools/exec_approval.go` of GoClaw. The approval layer classifies `sort` as a safe command solely by basename through the global `safeBins` set. Under `ExecSecurityFull` with `ExecAskOnMiss`, any command matching `safeBins` is auto-approved. However, `sort -o <output>` writes files, enabling an authenticated operator to bypass the intended human-approval barrier and perform host-side workspace writes through the normal HTTP API. # Vulnerable Code File: internal/tools/exec_approval.go Method: isSafeBin() and CheckCommand() Why: `safeBins` includes `"sort": true`, and `isSafeBin()` performs a basename-only safety decision via `extractBin(command)`. `CheckCommand()` auto-approves any `safeBins` match under `ExecSecurityFull` + `ExecAskOnMiss`. The flag `sort -o` produces file-write side effects, but `isSafeBin()` does not inspect flags or side-effecting options. # Reproduction 1. Configure GoClaw with `tools.execApproval.security=full` and `ask=on-miss`. 2. Send `POST /v1/tools/invoke` with `{"tool":"exec","args":{"command":"sort -osort-short.txt input.txt","working_dir":"<workspace>"}}`. 3. Observe: HTTP 200 returned immediately, no approval prompt, and `sort-short.txt` created on disk with sorted content. 4. Control test: run `sh -c 'printf CONTROL_CANARY > control.txt'` — times out waiting for approval, control file not created. # Impact - Write or overwrite files inside the reachable workspace without the intended approval workflow - Bypass administrator expectation that file-modifying host commands will pause for human approval - Cause downstream project state changes through the official `exec` interface using only standard product configuration Vendor: nextlevelbuilder Product: GoClaw Version: 3.13.3-beta.3 Class: Improper Authorization (CWE-285) Link: https://github.com/nextlevelbuilder/goclaw/issues/1215 ReqCVE: 1 Desc: # Technical Details An authorization bypass exists in the `ExecTool.Execute()` method in `internal/tools/shell.go` of GoClaw. The application fails to recognize PowerShell wrapper forms (`pwsh`, `powershell`) in its secure-CLI gate, allowing an authenticated caller to wrap registered secure CLI binaries inside `pwsh -EncodedCommand` and execute them without the required per-agent grant. # Vulnerable Code File: internal/tools/credentialed_exec.go Method: detectWrapper() / wrapperBinaries map Why: The `wrapperBinaries` map contains only POSIX/utility wrappers (sh, bash, zsh, dash, env, nohup, stdbuf, timeout) but omits `pwsh` and `powershell`. When the outer binary is not in the map, `detectWrapper()` returns `ok=false`, stopping the recursive unwrapping before it reaches the inner registered secure CLI. The secure-CLI gate then checks only `pwsh` and not the decoded inner command like `gh`. # Reproduction 1. Register a high-risk binary (e.g., `gh`) as a tenant-scoped secure CLI without granting access to the current agent. 2. Invoke `POST /v1/tools/invoke` with `tool=exec` using the command `pwsh -EncodedCommand <base64("gh CANARY_BYPASS")>`. 3. Observe HTTP 200 and successful execution of the inner `gh` command despite lacking a grant. 4. Compare with the POSIX wrapper form `sh -c 'gh CANARY_CONTROL'` which is correctly blocked with "Binary 'gh' requires a secure CLI grant". # Impact - Authenticated operators or agents can execute registered credential/high-risk CLIs without the required per-agent grant. - The bypass undermines the secure-CLI registration mechanism entirely for PowerShell wrapper forms. - Attackers can abuse any permissions exposed by the wrapped CLI (repository admin, cloud control-plane, cluster operations, release actions, etc.).
La source⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1214
Utilisateur
 Erichen (UID 98955)
Soumission12/06/2026 10:40 (il y a 1 mois)
Modérer17/07/2026 17:57 (1 month later)
StatutAccepté
Entrée VulDB379830 [nextlevelbuilder GoClaw jusqu’à 3.13.2 exec_approval.go isSafeBin élévation de privilèges]
Points20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!