PT-2026-60969 · Nextlevelbuilder · Goclaw
CVSS v3.1
4.3
Medium
| Vector | AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
A security flaw has been discovered in nextlevelbuilder GoClaw up to 3.13.2. Affected by this vulnerability is the function extractBin/RequestApproval/matchesAllowlist of the file internal/tools/exec approval.go. The manipulation results in incorrect authorization. The exploit has been released to the public and may be used for attacks.
Exploit
Fix
Incorrect Authorization
Improper Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Goclaw