Sipeed PicoClaw
- <= 0.2.9
A vulnerability allowing for missing authorization has been identified in Sipeed PicoClaw versions through 0.2.9. The issue arises in the Group Message Handler, specifically within the handleMessageReceive function of the feishu_64.go file. This vulnerability can be exploited remotely, allowing an attacker to manipulate message context and bypass authorization checks.
Exploitation of this vulnerability allows for unauthorized injection of message content into the agent's trusted context, potentially influencing the agent's decisions and actions.
The vulnerability can be reproduced by sending a reply from an allowlisted Feishu user to a message from a non-allowlisted user. This can be done using a local mock Feishu API server to simulate the message fetching process. The replied message will contain unverified, non-allowlisted content, which is then processed as trusted input by the PicoClaw agent.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.