जमा करें #857784: zevorn rt-claw 36d128f72afa0b9d40a21bcd6069b0c193a58f82 (unreleased main, post-v0.2.0) Remote Code Execution via Unsafe Tool Auto-Approval (CWE-94)जानकारी

शीर्षकzevorn rt-claw 36d128f72afa0b9d40a21bcd6069b0c193a58f82 (unreleased main, post-v0.2.0) Remote Code Execution via Unsafe Tool Auto-Approval (CWE-94)
विवरण# Technical Details A Remote Code Execution vulnerability exists in the Telegram-to-AI tool execution flow ending at `tool_run_script_execute` in `claw/services/tools/script.c` of rt-claw. The application fails to require explicit approval before executing dangerous AI-selected tools. A remote Telegram message can be forwarded into the AI pipeline, the model can return a `run_script` tool call, and `ai_engine.c` dispatches it through `claw_tool_invoke()` with no approval gate, leading to Python execution on Linux. # Vulnerable Code File: claw/services/im/telegram.c Method: tg_ai_worker Why: Untrusted Telegram text is forwarded into `ai_chat()`, which advertises tool schemas. When the model selects `run_script`, the call reaches `tool_run_script_execute` without any confirmation or deny-by-default control for dangerous local tools. # Reproduction 1. Download `verification_test.py`, `control-no-tool-call.py`, `harness.py`, `fake_ai_api.py`, and `fake_telegram_api.py` from the issue-linked gists. 2. Run `python3 verification_test.py` to build the Linux binary, start the fake Telegram and AI services, inject a Telegram message, and make the fake AI emit a `run_script` tool call. 3. Observe that `vuln/canary.txt` is created with `vuln-canary`; then run the control case and verify `control/canary.txt` is not created. # Impact - A remote Telegram user can trigger arbitrary Python execution through the AI tool path. - This can lead to local file read/write, credential theft, host tampering, and follow-on abuse of resources reachable by the `rtclaw` process.
स्रोत⚠️ https://github.com/zevorn/rt-claw/issues/138
उपयोगकर्ता
 Eric-h (UID 97582)
सबमिशन13/06/2026 08:14 AM (1 महीना पहले)
संयम18/07/2026 09:34 AM (1 month later)
स्थितिस्वीकृत
VulDB प्रविष्टि380020 [zevorn rt-claw तक 0.2.0 Telegram-to-AI Tool Execution Flow script.c tool_run_script_execute अधिकार वृद्धि]
अंक20

Do you need the next level of professionalism?

Upgrade your account now!