提出 #856826: nextlevelbuilder GoClaw 3.13.3-beta.3 Use of Incorrectly-Resolved Name or Reference (CWE-706)情報

タイトルnextlevelbuilder GoClaw 3.13.3-beta.3 Use of Incorrectly-Resolved Name or Reference (CWE-706)
説明# Technical Details An Exec Approval Allowlist Basename Collision vulnerability exists in the `matchesAllowlist()` and `extractBin()` methods in `internal/tools/exec_approval.go` of GoClaw. The approval layer resolves the user-supplied command to a basename via `extractBin()` (which returns `filepath.Base(fields[0])`), collapsing relative paths like `./echo` to the basename `echo`. If the allowlist contains `echo`, the check passes. However, execution later runs the original command string (`./echo`) through `/bin/sh -c`, causing a workspace-placed malicious binary to execute with host privileges. # Vulnerable Code File: internal/tools/exec_approval.go Method: matchesAllowlist() and extractBin() Why: `extractBin()` returns `filepath.Base(fields[0])`, so `./echo` resolves to `echo`. `matchesAllowlist()` matches allowlist patterns against this basename first. The approval decision trusts `echo`, but `ExecTool.Execute()` passes the original `./echo` to `executeOnHost()` which runs `/bin/sh -c ./echo`, executing the attacker-controlled workspace binary. # Reproduction 1. Configure GoClaw with `tools.execApproval.security=allowlist` and allowlist `["echo"]`. 2. Place a malicious `echo` binary in the workspace that prints a canary string. 3. Send `POST /v1/tools/invoke` with `{"tool":"exec","args":{"command":"./echo","working_dir":"<workspace>"}}`. 4. Observe: HTTP 200 returned, canary output from the workspace binary. 5. Control test: use allowlist `["/bin/echo"]` — the workspace `./echo` is correctly denied with HTTP 400 and `TOOL_ERROR`. # Impact - Operator-triggered execution of attacker-chosen workspace binaries with GoClaw host privileges - Bypass of exec approval allowlist intended to constrain which commands may run automatically - Local file access, host network reachability, and compromise of secrets or automation capabilities available to the service account
ソース⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1213
ユーザー
 Erichen (UID 98955)
送信2026年06月12日 10:39 (1 月 ago)
モデレーション2026年07月17日 17:57 (1 month later)
ステータス承諾済み
VulDBエントリ379829 [nextlevelbuilder GoClaw 迄 3.13.3-beta.3 exec_approval.go matchesAllowlist/extractBin 特権昇格]
ポイント20

Interested in the pricing of exploits?

See the underground prices here!