Goclaw Critical Security Remediation: Command Injection, SSRF, Auth Bypass

Vulnerability Overview This web screenshot describes a security issue titled "[Security] Upstream critical remediation plan: 3 active fixes + Lite verification #30". It primarily involves three active security fixes and one lightweight verification item. Scope of Impact 1. Unauthenticated and Unsigned Webhook Acceptance in Production - Impact: Unauthenticated and unsigned webhook acceptance in the production environment may lead to security risks. - Remediation: - Allow empty gateway tokens only for loopback local development or explicit insecure development modes. - Externally reachable HTTP/WebSocket modes with empty gateway tokens must fail startup or configuration validation before becoming healthy, unless an explicit insecure development opt-in exists. - Feshu/Pancake Webhook handlers must not dispatch unverified events when verification material is missing or mismatched. - Preserve provider-safe webhook response codes where non-2xx responses cause retries or suspension logs; log the security event and avoid dispatch. 2. FSBridge Command Injection in Sandbox Write Path - Impact: FSBridge command injection may lead to command execution vulnerabilities in the sandbox write path. - Remediation: - Remove shell interpretation from the FSBridge write path. - Add regression tests to cover paths containing , backticks, semicolons, spaces, and quotes. - Maintain request workspace confinement and reject sandbox back-write/status paths. - Avoid write implementations that echo file content back to captured stdout. 3. Tenant Viewer Can Modify Admin-Only Config/Storage Surfaces - Impact: Tenant viewers can modify admin-only configurations and storage surfaces, leading to privilege escalation. - Remediation: - Tenant viewers/members must not read or modify tenant-admin-only TTS configurations. - Tenant viewers/members must not upload, move, or delete storage via admin routes. - Tenant administrator behavior must remain intact. - Handlers/writers must receive and utilize centralized tenant administrator helpers. 4. Lite Hooks Table Missing in v3.9.0 - Impact: The absence of the Lite hooks table in v3.9.0 may lead to data inconsistency. - Remediation: - Run/maintain SQL migration tests to prove that new databases and real pre-hooks upgrade fixtures include and . - Implement code only if verification fails. Remediation Plan Local Plan Path: Stages: - Baseline verification and failing regression tests - Auth/WebSocket and webhook fail-closed behavior - FSBridge write and path-confinement hardening - Tenant admin enforcement for TTS/storage deletion - Lite hook regression verification - Security regression suite and closeout High-Risk Non-P0 Backlog Multiple high-risk non-P0 backend issues, including GoClaw team task completion authorization bypass, Server-Side Request Forgery (SSRF), MCP bridge dropping SenderID, Evolution Suggestion Authorization Bypass, Agent Config Bypass, Bug Browser Pairing, etc. Checklist Create feature branch Add failing regression tests Fix unsafe production no-token authentication Fix missing secret webhook dispatch Fix FSBridge shell interpretation and workspace limits Add tenant admin enforcement Verify Lite hooks table regression Run final focused tests/gateway verification Update this issue with PR links and verification commands Implementation Status Local branch completed and verified Verification commands passed Beta PR #32 Red Team Decisions No-token mode is restricted to loopback local development or explicit insecure development opt-ins. Webhooks with missing/mismatched verification use provider-safe responses without dispatch, with security logging. Storage DELETE is within the scope of this PR and requires tenant admin or a stronger role. Broader admin route audits are report-only unless the same exploit path requires a direct fix. Code Block

Goal Reached Thanks to every supporter — we hit 100%!

Goclaw Critical Security Remediation: Command Injection, SSRF, Auth Bypass

More from this source