PT-2026-57953 · Nextlevelbuilder · Goclaw

Eric-B

·

Publicado

2026-07-14

·

Atualizado

2026-07-14

·

CVE-2026-15625

CVSS v2.0

6.5

Média

VetorAV:N/AC:L/Au:S/C:P/I:P/A:P
A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/exec approval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public and could be used.

Exploit

Correção

Incomplete List of Disallowed Inputs

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-15625

Produtos afetados

Goclaw