제출 #856857: nextlevelbuilder GoClaw 3.13.2 Missing Authorization (CWE-862)정보

제목nextlevelbuilder GoClaw 3.13.2 Missing Authorization (CWE-862)
설명# Technical Details A cross-agent authorization bypass exists in the `ToolsInvokeHandler.ServeHTTP()` method in `internal/http/tools_invoke.go` of GoClaw. The application accepts a user-controlled `agentId` field in the request body, resolves it via `agentStore.GetByKey`, and injects the resolved agent UUID into context with `store.WithAgentID` without calling `CanAccess`. This allows an authenticated caller with only `operator.write` privileges to create cron jobs bound to another user's private agent, bypassing the access control that correctly blocks direct reads of the same agent with HTTP 403. # Vulnerable Code File: internal/http/tools_invoke.go Method: ToolsInvokeHandler.ServeHTTP() Why: The handler resolves `agentId` from the request and injects it into context without an authorization check. Direct agent reads in `internal/http/agents.go` enforce `CanAccess`, but the tool invocation path skips this check. The `cron` tool consumes the injected agent UUID and persists the attacker-chosen target into `cron_jobs.agent_id`. The scheduler later trusts this stored `job.AgentID` as the execution target, creating a stored cross-agent authorization bypass. # Reproduction 1. As `ownerA`, verify that `GET /v1/agents/owner-b-agent` returns `403 UNAUTHORIZED`. 2. As `ownerA`, send `POST /v1/tools/invoke` with `tool=cron` and `agentId=owner-b-agent` to create a cron job. 3. Observe HTTP 200 and the cron job is persisted with `user_id=ownerA` but `agent_id` bound to `ownerB`'s private agent. 4. Confirm in SQLite that `cron_jobs` contains a row where the bound `agent_key` is `owner-b-agent` and `owner_id` is `ownerB`. # Impact - Lower-privileged operators can plant stored scheduled work targeting another user's private agent. - The scheduled work will later run under the foreign agent's configuration, prompts, tools, and execution context. - Violates agent ownership boundaries and the scheduler's trust in persisted work items.
원천⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1217
사용자
 Eric-g (UID 96879)
제출2026. 06. 12. AM 10:55 (1 월 ago)
모더레이션2026. 07. 17. PM 05:57 (1 month later)
상태수락
VulDB 항목379832 [nextlevelbuilder GoClaw 까지 3.13.2 Invoke Endpoint tools_invoke.go ToolsInvokeHandler.ServeHTTP 권한 상승]
포인트들20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!