PT-2026-60969 · Nextlevelbuilder · Goclaw
CVSS v3.1
4.3
Média
| Vetor | AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
A security flaw has been discovered in nextlevelbuilder GoClaw up to 3.13.2. Affected by this vulnerability is the function extractBin/RequestApproval/matchesAllowlist of the file internal/tools/exec approval.go. The manipulation results in incorrect authorization. The exploit has been released to the public and may be used for attacks.
Exploit
Correção
Incorrect Authorization
Improper Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Goclaw