提出 #855805: nextlevelbuilder GoClaw 3.13.3-beta.3 Path Traversal / Sandbox Escape (CWE-22)情報

タイトルnextlevelbuilder GoClaw 3.13.3-beta.3 Path Traversal / Sandbox Escape (CWE-22)
説明# Technical Details A Path Traversal / Sandbox Escape exists in the `resolvePath` method in `internal/providers/acp/tool_bridge.go` of GoClaw. The application fails to safely resolve dangling symlinks before writing ACP files. An ACP-backed agent can create a dangling symlink inside the configured workspace and then call `fs/writeTextFile` on that in-workspace path. When `filepath.EvalSymlinks(cleaned)` fails, the validator falls back to the lexical path, which still appears inside the workspace, and `os.WriteFile` later follows the symlink target outside the sandbox. # Vulnerable Code File: internal/providers/acp/tool_bridge.go Method: resolvePath Why: The code uses `real, err := filepath.EvalSymlinks(cleaned)` and falls back to `real = cleaned` on error. `writeFile()` then calls `os.WriteFile(resolved, ...)`, allowing a dangling symlink alias inside the workspace to redirect writes to an external file. # Reproduction 1. Run a vulnerable GoClaw ACP ToolBridge deployment on version `3.13.3-beta.3` and create a dangling symlink inside the ACP workspace that points to a file outside the workspace. 2. From an ACP-backed agent session, invoke `fs/writeTextFile` against the symlink path. 3. Observe that GoClaw writes to the external target file even though direct traversal outside the workspace is blocked. # Impact - ACP-backed agents can modify files outside the configured workspace boundary. - This breaks workspace isolation and can tamper with neighboring workspace data, scripts, temporary files, and other writable host resources.
ソース⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1201
ユーザー
 Eric-b (UID 96354)
送信2026年06月11日 09:10 (1 月 ago)
モデレーション2026年07月13日 19:24 (1 month later)
ステータス承諾済み
VulDBエントリ378128 [nextlevelbuilder GoClaw 3.13.3-beta.3 ACP ToolBridge Workspace tool_bridge.go writeFile ディレクトリトラバーサル]
ポイント20

Interested in the pricing of exploits?

See the underground prices here!