| 标题 | zevorn rt-claw 36d128f72afa0b9d40a21bcd6069b0c193a58f82 (unreleased main, post-v0.2.0) Incorrect Authorization leading to Remote Code Execution (CWE-863) |
|---|
| 描述 | # Technical Details
An Incorrect Authorization vulnerability exists in the `handle_rpc_request` method in `claw/services/swarm/swarm.c` of rt-claw.
The application fails to enforce the `CLAW_TOOL_LOCAL_ONLY` policy on the swarm RPC receiver path. A remote node can send a crafted UDP RPC request with `tool_name="run_script"` and attacker-controlled JSON, and the receiver directly invokes the tool even though `run_script` is explicitly marked local-only.
# Vulnerable Code
File: claw/services/swarm/swarm.c
Method: handle_rpc_request
Why: The receiver parses the inbound payload and calls `claw_tool_invoke()` without checking the target tool flags, while the sender helper `swarm_rpc_call()` does enforce the local-only restriction. On Linux, this reaches `tool_run_script_execute` and `claw_platform_run_script`, which execute Python code.
# Reproduction
1. Download `verification_test.py` and `control-normal-behavior.py` from the issue-linked gists.
2. Build the Linux target with swarm and `run_script` enabled, then run the control script first.
3. Run `python3 verification_test.py` and observe that an unauthenticated swarm RPC request invokes `run_script` and reaches Python execution on the node.
# Impact
- An unauthenticated remote node can bypass local-only tool restrictions.
- On Linux deployments with `tool_script` enabled, this leads to arbitrary Python execution in the context of the `rtclaw` process. |
|---|
| 来源 | ⚠️ https://github.com/zevorn/rt-claw/issues/133 |
|---|
| 用户 | Eric-x (UID 94869) |
|---|
| 提交 | 2026-06-13 05時06分 (1 月前) |
|---|
| 管理 | 2026-07-18 09時29分 (1 month later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 380016 [zevorn rt-claw 直到 0.2.0 RPC swarm.c claw_tool_invoke 权限提升] |
|---|
| 积分 | 20 |
|---|