Отправить #852879: Sipeed PicoClaw <= 0.2.9 Incorrect Authorization (CWE-863)Информация

НазваниеSipeed PicoClaw <= 0.2.9 Incorrect Authorization (CWE-863)
Описание# Technical Details An authorization bypass exists in the MQTT inbound authorization flow in `pkg/channels/mqtt/mqtt.go` and `pkg/channels/base.go` of PicoClaw. The application fails to authenticate that the MQTT topic `{client_id}` belongs to the real sender. `clientIDFromTopic` extracts the attacker-controlled client identifier from the topic path, and `handleInbound` stores it into `InboundContext.SenderID`. The common channel authorization layer then performs raw allowlist matching against this untrusted `SenderID`. # Vulnerable Code File: `pkg/channels/mqtt/mqtt.go` Method: `clientIDFromTopic`, `handleInbound` Why: Extracts `{client_id}` directly from the MQTT topic and forwards it as sender identity. File: `pkg/channels/base.go` Method: `IsAllowedSender` / inbound allowlist handling Why: Falls back to raw string matching on `InboundContext.SenderID` when no authenticated `SenderInfo` is supplied. # Reproduction 1. Configure MQTT with `allow_from` containing a trusted client identifier. 2. Connect or publish through the MQTT channel using a topic whose `{client_id}` segment is set to the trusted identifier. 3. Send a message from an untrusted MQTT client. 4. Observe that PicoClaw treats the topic-derived value as trusted sender identity and accepts the inbound message. # Impact - Bypasses MQTT channel sender allowlists. - Allows untrusted MQTT publishers to impersonate allowlisted client identifiers. - Can expose the agent runtime to unauthorized prompt injection, tool invocation, or downstream automation.
Источник⚠️ https://github.com/sipeed/picoclaw/issues/3068
Пользователь Eric-d (UID 96861)
Представление09.06.2026 12:15 (1 месяц назад)
Модерация09.07.2026 20:07 (1 month later)
Статуспринято
Запись VulDB377258 [Sipeed PicoClaw до 0.2.9 MQTT Channel mqtt.go client_id эскалация привилегий]
Баллы20

Do you know our Splunk app?

Download it now for free!