Description
A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/exec_approval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public and could be used.
Problem types
Permissive List of Allowed Inputs
Product status
Timeline
| 2026-07-13: | Advisory disclosed |
| 2026-07-13: | VulDB entry created |
| 2026-07-13: | VulDB entry last update |
Credits
Eric-b (VulDB User)
References
vuldb.com/vuln/378127 (VDB-378127 | nextlevelbuilder GoClaw exec_approval.go ExecApprovalManager.CheckCommand incomplete blacklist)
vuldb.com/vuln/378127/cti (VDB-378127 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-15625 (CVE-2026-15625 | CVE Analysis and Report)
vuldb.com/submit/855804 (Submit #855804 | nextlevelbuilder GoClaw 3.11.3 Command Execution Policy Bypass (CWE-184))
vuldb.com/submit/855806 (Submit #855806 | nextlevelbuilder GoClaw 3.13.2 Command Execution Policy Bypass (CWE-184) (Duplicate))
vuldb.com/submit/855807 (Submit #855807 | nextlevelbuilder GoClaw 3.13.3-beta.3 Authorization Bypass (CWE-863) (Duplicate))
vuldb.com/submit/855845 (Submit #855845 | nextlevelbuilder GoClaw 3.13.3-beta.3 Command Execution Policy Bypass (CWE-184) (Duplicate))
vuldb.com/submit/855846 (Submit #855846 | nextlevelbuilder GoClaw 3.13.2 Improper Authorization (CWE-285) (Duplicate))
vuldb.com/submit/855848 (Submit #855848 | nextlevelbuilder GoClaw 3.13.2 OS Command Injection (CWE-78) (Duplicate))
github.com/nextlevelbuilder/goclaw/issues/1200
github.com/nextlevelbuilder/goclaw/issues/1200
github.com/nextlevelbuilder/goclaw/