| शीर्षक | nextlevelbuilder GoClaw 3.13.2 Improper Authorization (CWE-285) |
|---|
| विवरण | # Technical Details
An Exec Approval Bypass via `sort -o` Safe-Bin Trust exists in the `isSafeBin()` method in `internal/tools/exec_approval.go` of GoClaw.
The approval layer classifies `sort` as a safe command solely by basename through the global `safeBins` set. Under `ExecSecurityFull` with `ExecAskOnMiss`, any command matching `safeBins` is auto-approved. However, `sort -o <output>` writes files, enabling an authenticated operator to bypass the intended human-approval barrier and perform host-side workspace writes through the normal HTTP API.
# Vulnerable Code
File: internal/tools/exec_approval.go
Method: isSafeBin() and CheckCommand()
Why: `safeBins` includes `"sort": true`, and `isSafeBin()` performs a basename-only safety decision via `extractBin(command)`. `CheckCommand()` auto-approves any `safeBins` match under `ExecSecurityFull` + `ExecAskOnMiss`. The flag `sort -o` produces file-write side effects, but `isSafeBin()` does not inspect flags or side-effecting options.
# Reproduction
1. Configure GoClaw with `tools.execApproval.security=full` and `ask=on-miss`.
2. Send `POST /v1/tools/invoke` with `{"tool":"exec","args":{"command":"sort -osort-short.txt input.txt","working_dir":"<workspace>"}}`.
3. Observe: HTTP 200 returned immediately, no approval prompt, and `sort-short.txt` created on disk with sorted content.
4. Control test: run `sh -c 'printf CONTROL_CANARY > control.txt'` — times out waiting for approval, control file not created.
# Impact
- Write or overwrite files inside the reachable workspace without the intended approval workflow
- Bypass administrator expectation that file-modifying host commands will pause for human approval
- Cause downstream project state changes through the official `exec` interface using only standard product configuration
Vendor: nextlevelbuilder
Product: GoClaw
Version: 3.13.3-beta.3
Class: Improper Authorization (CWE-285)
Link: https://github.com/nextlevelbuilder/goclaw/issues/1215
ReqCVE: 1
Desc:
# Technical Details
An authorization bypass exists in the `ExecTool.Execute()` method in `internal/tools/shell.go` of GoClaw.
The application fails to recognize PowerShell wrapper forms (`pwsh`, `powershell`) in its secure-CLI gate, allowing an authenticated caller to wrap registered secure CLI binaries inside `pwsh -EncodedCommand` and execute them without the required per-agent grant.
# Vulnerable Code
File: internal/tools/credentialed_exec.go
Method: detectWrapper() / wrapperBinaries map
Why: The `wrapperBinaries` map contains only POSIX/utility wrappers (sh, bash, zsh, dash, env, nohup, stdbuf, timeout) but omits `pwsh` and `powershell`. When the outer binary is not in the map, `detectWrapper()` returns `ok=false`, stopping the recursive unwrapping before it reaches the inner registered secure CLI. The secure-CLI gate then checks only `pwsh` and not the decoded inner command like `gh`.
# Reproduction
1. Register a high-risk binary (e.g., `gh`) as a tenant-scoped secure CLI without granting access to the current agent.
2. Invoke `POST /v1/tools/invoke` with `tool=exec` using the command `pwsh -EncodedCommand <base64("gh CANARY_BYPASS")>`.
3. Observe HTTP 200 and successful execution of the inner `gh` command despite lacking a grant.
4. Compare with the POSIX wrapper form `sh -c 'gh CANARY_CONTROL'` which is correctly blocked with "Binary 'gh' requires a secure CLI grant".
# Impact
- Authenticated operators or agents can execute registered credential/high-risk CLIs without the required per-agent grant.
- The bypass undermines the secure-CLI registration mechanism entirely for PowerShell wrapper forms.
- Attackers can abuse any permissions exposed by the wrapped CLI (repository admin, cloud control-plane, cluster operations, release actions, etc.). |
|---|
| स्रोत | ⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1214 |
|---|
| उपयोगकर्ता | Erichen (UID 98955) |
|---|
| सबमिशन | 12/06/2026 10:40 AM (1 महीना पहले) |
|---|
| संयम | 17/07/2026 05:57 PM (1 month later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 379830 [nextlevelbuilder GoClaw तक 3.13.2 exec_approval.go isSafeBin अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|