JunoClaw Upload_Wasm Tool Arbitrary File Upload Vulnerability

Vulnerability

A vulnerability in the JunoClaw AI platform's upload_wasm tool, present in versions prior to 0.3.0, allowed arbitrary files to be uploaded without proper validation. The tool accepted unbounded filesystem paths and uploaded whatever they pointed to, with no checks on the file's location, symlink target, size, or format. The issue could be exploited by placing, under the operator's home directory, a symlink to any file the operator can read; the contents of that file would then be exfiltrated as the code bytes of an on-chain MsgStoreCode message.

Impact

Exploitation of this vulnerability could lead to unauthorized access and exfiltration of files from the operator's home directory.

Reproduction

To reproduce the vulnerability, place a symlink in the operator's home directory that points at a target file the operator is permitted to read, then upload that symlink as a WASM file through the upload_wasm tool. Because the tool checks neither the symlink target nor the integrity or format of the file, the target file's contents are uploaded in place of a WASM module.

Remediation

Upgrade to JunoClaw version 0.3.0 or later, which adds the missing validation checks. Upgrade instructions are available in the JunoClaw repository.
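The following is an added example of the kind of validation the advisory says was missing before 0.3.0; it is not JunoClaw's own code, and the function name ValidateWasmUpload, the allowedRoot and maxBytes policy inputs, and the fixture file names are assumptions made for this example. It refuses a path that is itself a symlink, confines the fully resolved path to an upload root (catching symlinked directories as well), bounds the size, re-checks the opened descriptor against the earlier stat so the file cannot be swapped between check and read, and requires the WebAssembly preamble before the bytes are allowed to become MsgStoreCode code bytes.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// wasmPreamble is the fixed 8-byte header of every WebAssembly binary:
// the magic "\0asm" followed by little-endian version 1.
var wasmPreamble = []byte{0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00}

// ValidateWasmUpload applies the checks the advisory says the old tool lacked and
// returns the file bytes only when every check passes. Name and parameters are
// hypothetical (chosen for this example), not JunoClaw's API.
func ValidateWasmUpload(allowedRoot, requested string, maxBytes int64) ([]byte, error) {
	root, err := filepath.EvalSymlinks(allowedRoot)
	if err != nil {
		return nil, fmt.Errorf("resolving upload root: %w", err)
	}
	abs, err := filepath.Abs(requested)
	if err != nil {
		return nil, err
	}
	// 1. Lstat does not follow the final component: a planted symlink is refused outright.
	info, err := os.Lstat(abs)
	if err != nil {
		return nil, err
	}
	if info.Mode()&os.ModeSymlink != 0 {
		return nil, fmt.Errorf("%q is a symlink; refusing to follow it", requested)
	}
	if !info.Mode().IsRegular() {
		return nil, fmt.Errorf("%q is not a regular file", requested)
	}
	// 2. Intermediate components may still be symlinks (a linked directory), so
	//    resolve the whole path and confine the result to the upload root.
	resolved, err := filepath.EvalSymlinks(abs)
	if err != nil {
		return nil, err
	}
	rel, err := filepath.Rel(root, resolved)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return nil, fmt.Errorf("%q resolves outside the upload root", requested)
	}
	// 3. Bound the size before reading anything.
	if info.Size() > maxBytes {
		return nil, fmt.Errorf("%q is %d bytes; limit is %d", requested, info.Size(), maxBytes)
	}
	// 4. Open, then confirm the descriptor is the same inode Lstat saw, so a swap
	//    between the check and the read cannot substitute another file.
	f, err := os.Open(resolved)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	opened, err := f.Stat()
	if err != nil {
		return nil, err
	}
	if !os.SameFile(info, opened) {
		return nil, errors.New("file changed between validation and read")
	}
	data, err := io.ReadAll(io.LimitReader(f, maxBytes+1))
	if err != nil {
		return nil, err
	}
	if int64(len(data)) > maxBytes {
		return nil, errors.New("file grew past the size limit while reading")
	}
	// 5. Only a real module may become MsgStoreCode bytes; any other readable
	//    file (the exfiltration vector in the advisory) fails here.
	if !bytes.HasPrefix(data, wasmPreamble) {
		return nil, fmt.Errorf("%q does not start with the WebAssembly preamble", requested)
	}
	return data, nil
}

// buildFixtures writes constructed sample inputs under dir so the example runs
// offline: a valid module, a text file, an oversized module, a symlink to a file
// outside the root, and a symlinked directory that escapes the root. The names
// and contents are made up for this example; it returns the upload root.
func buildFixtures(dir string) (string, error) {
	root := filepath.Join(dir, "uploads")
	if err := os.MkdirAll(root, 0o755); err != nil {
		return "", err
	}
	secret := filepath.Join(dir, "outside-secret") // stands in for a file under $HOME
	files := map[string][]byte{
		filepath.Join(root, "good.wasm"): append(append([]byte{}, wasmPreamble...), 0x00),
		filepath.Join(root, "notes.txt"): []byte("plain text, not a module"),
		filepath.Join(root, "big.wasm"):  append(append([]byte{}, wasmPreamble...), make([]byte, 4096)...),
		secret:                           []byte("not for upload"),
	}
	for name, content := range files {
		if err := os.WriteFile(name, content, 0o644); err != nil {
			return "", err
		}
	}
	if err := os.Symlink(secret, filepath.Join(root, "link.wasm")); err != nil {
		return "", err
	}
	return root, os.Symlink(dir, filepath.Join(root, "escape"))
}

func main() {
	dir, err := os.MkdirTemp("", "wasm-upload-example")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	root, err := buildFixtures(dir)
	if err != nil {
		panic(err)
	}
	for _, name := range []string{"good.wasm", "notes.txt", "big.wasm", "link.wasm", "escape/outside-secret"} {
		data, err := ValidateWasmUpload(root, filepath.Join(root, name), 4096)
		fmt.Printf("%-22s accepted=%-5v bytes=%d err=%v\n", name, err == nil, len(data), err)
	}
}
```

The preamble check is deliberately cheap: it stops arbitrary readable files from being wrapped into a store-code transaction, but it is not a substitute for fully parsing and validating the module before broadcasting it. The SameFile comparison after Open is what closes the gap between the Lstat check and the read; without it, the symlink check alone is racy.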

Added: May 12, 2026, 5:41 PM
Updated: May 12, 2026, 5:41 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          0.6
  exploitability  7.7
  remediation     0.0
  relevance       8.1
  threat          4.8
  urgency         2.9
  incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.