Invia #855805: nextlevelbuilder GoClaw 3.13.3-beta.3 Path Traversal / Sandbox Escape (CWE-22)informazioni

Titolonextlevelbuilder GoClaw 3.13.3-beta.3 Path Traversal / Sandbox Escape (CWE-22)
Descrizione# Technical Details A Path Traversal / Sandbox Escape exists in the `resolvePath` method in `internal/providers/acp/tool_bridge.go` of GoClaw. The application fails to safely resolve dangling symlinks before writing ACP files. An ACP-backed agent can create a dangling symlink inside the configured workspace and then call `fs/writeTextFile` on that in-workspace path. When `filepath.EvalSymlinks(cleaned)` fails, the validator falls back to the lexical path, which still appears inside the workspace, and `os.WriteFile` later follows the symlink target outside the sandbox. # Vulnerable Code File: internal/providers/acp/tool_bridge.go Method: resolvePath Why: The code uses `real, err := filepath.EvalSymlinks(cleaned)` and falls back to `real = cleaned` on error. `writeFile()` then calls `os.WriteFile(resolved, ...)`, allowing a dangling symlink alias inside the workspace to redirect writes to an external file. # Reproduction 1. Run a vulnerable GoClaw ACP ToolBridge deployment on version `3.13.3-beta.3` and create a dangling symlink inside the ACP workspace that points to a file outside the workspace. 2. From an ACP-backed agent session, invoke `fs/writeTextFile` against the symlink path. 3. Observe that GoClaw writes to the external target file even though direct traversal outside the workspace is blocked. # Impact - ACP-backed agents can modify files outside the configured workspace boundary. - This breaks workspace isolation and can tamper with neighboring workspace data, scripts, temporary files, and other writable host resources.
Fonte⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1201
Utente
 Eric-b (UID 96354)
Sottomissione11/06/2026 09:10 (1 mese fa)
Moderazione13/07/2026 19:24 (1 month later)
StatoAccettato
Voce VulDB378128 [nextlevelbuilder GoClaw 3.13.3-beta.3 ACP ToolBridge Workspace tool_bridge.go writeFile directory traversal]
Punti20

Interested in the pricing of exploits?

See the underground prices here!