PT-2026-56869 · Aidanpark · Openclaw-Android
Dem00000
·
Publicado
2026-07-09
·
Atualizado
2026-07-09
·
CVE-2026-15193
CVSS v2.0
4.3
Média
| Vetor | AV:L/AC:L/Au:S/C:P/I:P/A:P |
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
Exploit
Correção
OS Command Injection
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Openclaw-Android