PT-2026-57953 · Nextlevelbuilder · Goclaw
Eric-B
·
Publicado
2026-07-14
·
Atualizado
2026-07-14
·
CVE-2026-15625
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/exec approval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public and could be used.
Exploit
Correção
Incomplete List of Disallowed Inputs
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Goclaw