CWE-15
AllowedExternal Control of System or Configuration Setting
Abstraction: Base · Status: Incomplete
One or more system settings or configuration elements can be externally controlled by a user.
137 vulnerabilities reference this CWE, most recent first.
GHSA-8FMP-37RC-P5G7
Vulnerability from github – Published: 2026-03-03 19:53 – Updated: 2026-04-08 19:26Summary
OpenClaw allowed dangerous process-control environment variables from env.vars (for example NODE_OPTIONS, LD_*, DYLD_*) to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context.
Details
collectConfigEnvVars() accepted unfiltered keys from config and those values were merged into the daemon install environment in buildGatewayInstallPlan(). Before the fix, startup-control variables were not blocked in this path.
Affected Packages / Versions
- Package:
openclaw(npm) - Latest published affected version:
2026.2.19-2(published February 19, 2026) - Affected range (structured):
<=2026.2.19-2 || =2026.2.19 - Patched version (pre-set for next release):
>= 2026.2.21
Fix Commit(s)
2cdbadee1f8fcaa93302d7debbfc529e19868ea4
Release Process Note
patched_versions is pre-set to the planned next release (2026.2.21). Once that npm release is published, this advisory is ready to publish without further content edits.
OpenClaw thanks @tdjackey for reporting.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.2.21"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-22177"
],
"database_specific": {
"cwe_ids": [
"CWE-15"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-03T19:53:02Z",
"nvd_published_at": "2026-03-18T02:16:21Z",
"severity": "MODERATE"
},
"details": "### Summary\nOpenClaw allowed dangerous process-control environment variables from `env.vars` (for example `NODE_OPTIONS`, `LD_*`, `DYLD_*`) to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context.\n\n### Details\n`collectConfigEnvVars()` accepted unfiltered keys from config and those values were merged into the daemon install environment in `buildGatewayInstallPlan()`. Before the fix, startup-control variables were not blocked in this path.\n\n### Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published affected version: `2026.2.19-2` (published February 19, 2026)\n- Affected range (structured): `\u003c=2026.2.19-2 || =2026.2.19`\n- Patched version (pre-set for next release): `\u003e= 2026.2.21`\n\n### Fix Commit(s)\n- `2cdbadee1f8fcaa93302d7debbfc529e19868ea4`\n\n### Release Process Note\n`patched_versions` is pre-set to the planned next release (`2026.2.21`). Once that npm release is published, this advisory is ready to publish without further content edits.\n\nOpenClaw thanks @tdjackey for reporting.",
"id": "GHSA-8fmp-37rc-p5g7",
"modified": "2026-04-08T19:26:19Z",
"published": "2026-03-03T19:53:02Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8fmp-37rc-p5g7"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w9j9-w4cp-6wgr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22177"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/2cdbadee1f8fcaa93302d7debbfc529e19868ea4"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-environment-variable-injection-via-config-env-vars"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw\u0027s config env vars allowed startup env injection into service runtime"
}
GHSA-8PGC-65MJ-53H5
Vulnerability from github – Published: 2024-07-19 06:31 – Updated: 2024-10-31 17:02Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/auth before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/server before main-gha.27122; versions of the package @gitpod/gitpod-protocol before 0.1.5-main-gha.27122 are vulnerable to Cookie Tossing due to a missing __Host- prefix on the gitpod_io_jwt2 session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attacker’s own JWT so that specific actions taken by the victim (such as connecting a new Github organization) are actioned by the attackers session.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/gitpod-io/gitpod"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.8.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-21583"
],
"database_specific": {
"cwe_ids": [
"CWE-15",
"CWE-565"
],
"github_reviewed": true,
"github_reviewed_at": "2024-09-06T22:05:52Z",
"nvd_published_at": "2024-07-19T05:15:10Z",
"severity": "MODERATE"
},
"details": "Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/auth before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/server before main-gha.27122; versions of the package @gitpod/gitpod-protocol before 0.1.5-main-gha.27122 are vulnerable to Cookie Tossing due to a missing __Host- prefix on the _gitpod_io_jwt2_ session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attacker\u2019s own JWT so that specific actions taken by the victim (such as connecting a new Github organization) are actioned by the attackers session.",
"id": "GHSA-8pgc-65mj-53h5",
"modified": "2024-10-31T17:02:51Z",
"published": "2024-07-19T06:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21583"
},
{
"type": "WEB",
"url": "https://github.com/gitpod-io/gitpod/pull/19973"
},
{
"type": "WEB",
"url": "https://github.com/gitpod-io/gitpod/commit/da1053e1013f27a56e6d3533aa251dbd241d0155"
},
{
"type": "WEB",
"url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c\u0026tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"
},
{
"type": "PACKAGE",
"url": "https://github.com/gitpod-io/gitpod"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2024-2997"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "github.com/gitpod-io/gitpod vulnerable to Cookie Tossing"
}
GHSA-8RVM-5WFM-CWW4
Vulnerability from github – Published: 2025-01-14 15:30 – Updated: 2025-11-04 00:32Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the ftp_port POST parameter.
{
"affected": [],
"aliases": [
"CVE-2024-39794"
],
"database_specific": {
"cwe_ids": [
"CWE-15"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T15:15:24Z",
"severity": "CRITICAL"
},
"details": "Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `ftp_port` POST parameter.",
"id": "GHSA-8rvm-5wfm-cww4",
"modified": "2025-11-04T00:32:17Z",
"published": "2025-01-14T15:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39794"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2053"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2053"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-97RM-XJ73-33JH
Vulnerability from github – Published: 2026-02-19 20:27 – Updated: 2026-02-23 22:23The ebay_set_user_tokens tool allows updating the .env file with new tokens. The updateEnvFile function in src/auth/oauth.ts blindly appends or replaces values without validating them for newlines or quotes. This allows an attacker to inject arbitrary environment variables into the configuration file.
Impact
An attacker can inject arbitrary environment variables into the .env file. This could lead to:
- Configuration Overwrites: Attackers can overwrite critical settings like EBAY_REDIRECT_URI to hijack OAuth flows.
- Denial of Service: Injecting invalid configuration can prevent the server from starting.
- Potential RCE: In some environments, controlling environment variables (like NODE_OPTIONS) can lead to Remote Code Execution.
Found with MCPwner 🕶
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "ebay-mcp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27203"
],
"database_specific": {
"cwe_ids": [
"CWE-15",
"CWE-74"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-19T20:27:11Z",
"nvd_published_at": "2026-02-21T00:16:17Z",
"severity": "HIGH"
},
"details": "The `ebay_set_user_tokens` tool allows updating the `.env` file with new tokens. The `updateEnvFile` function in `src/auth/oauth.ts` blindly appends or replaces values without validating them for newlines or quotes. This allows an attacker to inject arbitrary environment variables into the configuration file.\n\n### Impact\nAn attacker can inject arbitrary environment variables into the `.env` file. This could lead to:\n- **Configuration Overwrites**: Attackers can overwrite critical settings like `EBAY_REDIRECT_URI` to hijack OAuth flows.\n- **Denial of Service**: Injecting invalid configuration can prevent the server from starting.\n- **Potential RCE**: In some environments, controlling environment variables (like `NODE_OPTIONS`) can lead to Remote Code Execution.\n\nFound with [MCPwner](https://github.com/Pigyon/MCPwner) \ud83d\udd76",
"id": "GHSA-97rm-xj73-33jh",
"modified": "2026-02-23T22:23:34Z",
"published": "2026-02-19T20:27:11Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/YosefHayim/ebay-mcp/security/advisories/GHSA-97rm-xj73-33jh"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27203"
},
{
"type": "WEB",
"url": "https://github.com/YosefHayim/ebay-mcp/commit/aab0bda75ea9dd27aa37d0d8524d7cf41b3c4a9a"
},
{
"type": "PACKAGE",
"url": "https://github.com/YosefHayim/ebay-mcp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "eBay API MCP Server Affected by Environment Variable Injection "
}
GHSA-9C4H-PWMF-M6FJ
Vulnerability from github – Published: 2026-03-10 01:19 – Updated: 2026-03-10 18:40Impact
Vulnerability Type: Improper Control of Generation of Code ('Code Injection') (CWE-94) / Improper Check for Unusual or Exceptional Conditions (CWE-754) / Improper Input Validation (CWE-20) / Use of Low-Level Functionality (CWE-695) / Improper Privilege Management (CWE-269) / External Control of System or Configuration Setting (CWE-15).
Technical Details: The vulnerability exists in the JIT (Just-In-Time) compilation engine, which is fully exposed via the CFFI (Foreign Function Interface). Due to Improper Input Validation and External Control of Code Generation, an attacker can supply malicious parameters or instruction sequences through the CFFI layer. Since the library often operates with elevated privileges or within high-performance computing contexts, this allows for Arbitrary Code Execution (ACE) at the privilege level of the host process.
Who is Impacted?
- Developers using the library as a dynamic linked library (.so, .dll, .dylib) in multi-language environments (e.g., Python, Node.js, C++).
- Cloud Service Providers running the library in multi-tenant environments or automated model-training pipelines.
- Users processing untrusted or third-party datasets/models that may trigger malicious JIT instruction generation. Patches
- Affected versions: < 0.2.8
- Patched version: 0.2.9
Workarounds
If you cannot upgrade immediately, please consider the following mitigations: * Strict Sandboxing: Run the library within a restricted sandbox (e.g., WebAssembly, Docker with non-root user, or seccomp profiles) to limit system call access. * Principle of Least Privilege: Ensure the process calling the library does not have administrative or root privileges. * Input Filtering: If possible, implement an application-level validation layer to sanitize any data passed to the CFFI interfaces. * Disable JIT (if applicable): If your workload allows, use the interpreter-only mode (if provided by the library) to bypass the JIT engine entirely. CVSS Score * Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * Base Score: 9.4 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "rssn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-30960"
],
"database_specific": {
"cwe_ids": [
"CWE-15",
"CWE-20",
"CWE-269",
"CWE-695",
"CWE-754",
"CWE-94"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-10T01:19:29Z",
"nvd_published_at": "2026-03-10T18:18:55Z",
"severity": "CRITICAL"
},
"details": "## Impact\n\n**Vulnerability Type**: \nImproper Control of Generation of Code (\u0027Code Injection\u0027) (CWE-94) / Improper Check for Unusual or Exceptional Conditions (CWE-754) / Improper Input Validation (CWE-20) / Use of Low-Level Functionality (CWE-695) / Improper Privilege Management (CWE-269) / External Control of System or Configuration Setting (CWE-15).\n\n**Technical Details**:\nThe vulnerability exists in the JIT (Just-In-Time) compilation engine, which is fully exposed via the CFFI (Foreign Function Interface). Due to Improper Input Validation and External Control of Code Generation, an attacker can supply malicious parameters or instruction sequences through the CFFI layer. Since the library often operates with elevated privileges or within high-performance computing contexts, this allows for Arbitrary Code Execution (ACE) at the privilege level of the host process.\n\n## Who is Impacted?\n\n * Developers using the library as a dynamic linked library (.so, .dll, .dylib) in multi-language environments (e.g., Python, Node.js, C++).\n * Cloud Service Providers running the library in multi-tenant environments or automated model-training pipelines.\n * Users processing untrusted or third-party datasets/models that may trigger malicious JIT instruction generation.\nPatches\n * Affected versions: \u003c 0.2.8\n * Patched version: 0.2.9\n\n## Workarounds\n\nIf you cannot upgrade immediately, please consider the following mitigations:\n * Strict Sandboxing: Run the library within a restricted sandbox (e.g., WebAssembly, Docker with non-root user, or seccomp profiles) to limit system call access.\n * Principle of Least Privilege: Ensure the process calling the library does not have administrative or root privileges.\n * Input Filtering: If possible, implement an application-level validation layer to sanitize any data passed to the CFFI interfaces.\n * Disable JIT (if applicable): If your workload allows, use the interpreter-only mode (if provided by the library) to bypass the JIT engine entirely.\nCVSS Score\n * Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\n * Base Score: 9.4 (Critical)\n\n## References\n\n[Apich Organization Security Team Homepage](https://security.apich.org/)",
"id": "GHSA-9c4h-pwmf-m6fj",
"modified": "2026-03-10T18:40:24Z",
"published": "2026-03-10T01:19:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Apich-Organization/rssn/security/advisories/GHSA-9c4h-pwmf-m6fj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30960"
},
{
"type": "PACKAGE",
"url": "https://github.com/Apich-Organization/rssn"
},
{
"type": "WEB",
"url": "https://github.com/Apich-Organization/rssn/releases/tag/v0.2.9"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2026-0038.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface"
}
GHSA-C2C2-Q654-5C4F
Vulnerability from github – Published: 2026-02-19 18:31 – Updated: 2026-02-19 18:31The Shopire theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the shopire_admin_install_plugin() function in all versions up to, and including, 1.0.57. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the 'fable-extra' plugin.
{
"affected": [],
"aliases": [
"CVE-2025-13091"
],
"database_specific": {
"cwe_ids": [
"CWE-15"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-19T07:17:30Z",
"severity": "MODERATE"
},
"details": "The Shopire theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the shopire_admin_install_plugin() function in all versions up to, and including, 1.0.57. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the \u0027fable-extra\u0027 plugin.",
"id": "GHSA-c2c2-q654-5c4f",
"modified": "2026-02-19T18:31:49Z",
"published": "2026-02-19T18:31:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13091"
},
{
"type": "WEB",
"url": "https://themes.svn.wordpress.org/shopire/1.0.50/inc/admin/assets/js/shopire-admin-script.js"
},
{
"type": "WEB",
"url": "https://themes.svn.wordpress.org/shopire/1.0.50/inc/admin/getting-started.php"
},
{
"type": "WEB",
"url": "https://themes.trac.wordpress.org/browser/shopire/1.0.50/inc/admin/assets/js/shopire-admin-script.js"
},
{
"type": "WEB",
"url": "https://themes.trac.wordpress.org/browser/shopire/1.0.50/inc/admin/getting-started.php"
},
{
"type": "WEB",
"url": "https://themes.trac.wordpress.org/changeset/304732"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/873b54ba-d29f-4e09-9dc1-a38c10ebfcb1?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CH76-HX2M-RF3M
Vulnerability from github – Published: 2025-01-14 15:30 – Updated: 2025-11-04 00:32Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the ftp_port POST parameter.
{
"affected": [],
"aliases": [
"CVE-2024-39789"
],
"database_specific": {
"cwe_ids": [
"CWE-15"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T15:15:24Z",
"severity": "CRITICAL"
},
"details": "Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_port` POST parameter.",
"id": "GHSA-ch76-hx2m-rf3m",
"modified": "2025-11-04T00:32:17Z",
"published": "2025-01-14T15:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39789"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2056"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2056"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CV67-V84Q-6C9X
Vulnerability from github – Published: 2025-01-14 15:30 – Updated: 2025-01-14 18:31An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2024-39602"
],
"database_specific": {
"cwe_ids": [
"CWE-15"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T15:15:19Z",
"severity": "CRITICAL"
},
"details": "An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.",
"id": "GHSA-cv67-v84q-6c9x",
"modified": "2025-01-14T18:31:56Z",
"published": "2025-01-14T15:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39602"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2052"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2052"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FWWP-XCXW-39VQ
Vulnerability from github – Published: 2025-03-25 00:30 – Updated: 2026-02-04 21:49A security issue was discovered in ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "k8s.io/ingress-nginx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.11.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "k8s.io/ingress-nginx"
},
"ranges": [
{
"events": [
{
"introduced": "1.12.0-beta.0"
},
{
"fixed": "1.12.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-24514"
],
"database_specific": {
"cwe_ids": [
"CWE-15",
"CWE-20"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-25T15:10:02Z",
"nvd_published_at": "2025-03-25T00:15:15Z",
"severity": "HIGH"
},
"details": "A security issue was discovered in [ingress-nginx](https://github.com/kubernetes/ingress-nginx) where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)",
"id": "GHSA-fwwp-xcxw-39vq",
"modified": "2026-02-04T21:49:28Z",
"published": "2025-03-25T00:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24514"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/131006"
},
{
"type": "PACKAGE",
"url": "https://github.com/kubernetes/ingress-nginx"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.11.5"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.12.1"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/kubernetes-security-announce/c/2qa9DFtN0cQ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250328-0008"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/52475"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "ingress-nginx controller - configuration injection via unsanitized auth-url annotation"
}
GHSA-H2VW-PH2C-JVWF
Vulnerability from github – Published: 2026-04-25 23:50 – Updated: 2026-05-19 15:56Affected Packages / Versions
- Package:
openclaw(npm) - Affected versions:
>= 2026.4.5, < 2026.4.20 - Patched version:
2026.4.20
Impact
A malicious workspace .env could set MINIMAX_API_HOST and redirect credentialed MiniMax requests to an attacker-controlled origin, exposing the MiniMax API key in the outbound Authorization header.
This requires running OpenClaw from an attacker-controlled workspace. Severity is medium.
Fix
OpenClaw now blocks MINIMAX_API_HOST from workspace dotenv injection and removes env-driven URL routing from the affected MiniMax request path.
Fix commit:
2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1
Release
Fixed in OpenClaw 2026.4.20.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "2026.4.5"
},
{
"fixed": "2026.4.20"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44992"
],
"database_specific": {
"cwe_ids": [
"CWE-15",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-25T23:50:10Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected versions: `\u003e= 2026.4.5, \u003c 2026.4.20`\n- Patched version: `2026.4.20`\n\n## Impact\n\nA malicious workspace `.env` could set `MINIMAX_API_HOST` and redirect credentialed MiniMax requests to an attacker-controlled origin, exposing the MiniMax API key in the outbound `Authorization` header.\n\nThis requires running OpenClaw from an attacker-controlled workspace. Severity is medium.\n\n## Fix\n\nOpenClaw now blocks `MINIMAX_API_HOST` from workspace dotenv injection and removes env-driven URL routing from the affected MiniMax request path.\n\nFix commit:\n\n- `2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1`\n\n## Release\n\nFixed in OpenClaw `2026.4.20`.",
"id": "GHSA-h2vw-ph2c-jvwf",
"modified": "2026-05-19T15:56:13Z",
"published": "2026-04-25T23:50:10Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-h2vw-ph2c-jvwf"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44992"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-minimax-api-host-override-via-workspace-dotenv"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw: Workspace dotenv MiniMax host override could redirect credentialed requests"
}
Mitigation MIT-46
Strategy: Separation of Privilege
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation
Because setting manipulation covers a diverse set of functions, any attempt at illustrating it will inevitably be incomplete. Rather than searching for a tight-knit relationship between the functions addressed in the setting manipulation category, take a step back and consider the sorts of system values that an attacker should not be allowed to control.
Mitigation
In general, do not allow user-provided or otherwise untrusted data to control sensitive values. The leverage that an attacker gains by controlling these values is not always immediately obvious, but do not underestimate the creativity of the attacker.
CAPEC-13: Subverting Environment Variable Values
The adversary directly or indirectly modifies environment variables used by or controlling the target software. The adversary's goal is to cause the target software to deviate from its expected operation in a manner that benefits the adversary.
CAPEC-146: XML Schema Poisoning
An adversary corrupts or modifies the content of XML schema information passed between a client and server for the purpose of undermining the security of the target. XML Schemas provide the structure and content definitions for XML documents. Schema poisoning is the ability to manipulate a schema either by replacing or modifying it to compromise the programs that process documents that use this schema.
CAPEC-176: Configuration/Environment Manipulation
An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.
CAPEC-203: Manipulate Registry Information
An adversary exploits a weakness in authorization in order to modify content within a registry (e.g., Windows Registry, Mac plist, application registry). Editing registry information can permit the adversary to hide configuration information or remove indicators of compromise to cover up activity. Many applications utilize registries to store configuration and service information. As such, modification of registry information can affect individual services (affecting billing, authorization, or even allowing for identity spoofing) or the overall configuration of a targeted application. For example, both Java RMI and SOAP use registries to track available services. Changing registry values is sometimes a preliminary step towards completing another attack pattern, but given the long term usage of many registry values, manipulation of registry information could be its own end.
CAPEC-270: Modification of Registry Run Keys
An adversary adds a new entry to the "run keys" in the Windows registry so that an application of their choosing is executed when a user logs in. In this way, the adversary can get their executable to operate and run on the target system with the authorized user's level of permissions. This attack is a good way for an adversary to run persistent spyware on a user's machine, such as a keylogger.
CAPEC-271: Schema Poisoning
An adversary corrupts or modifies the content of a schema for the purpose of undermining the security of the target. Schemas provide the structure and content definitions for resources used by an application. By replacing or modifying a schema, the adversary can affect how the application handles or interprets a resource, often leading to possible denial of service, entering into an unexpected state, or recording incomplete data.
CAPEC-579: Replace Winlogon Helper DLL
Winlogon is a part of Windows that performs logon actions. In Windows systems prior to Windows Vista, a registry key can be modified that causes Winlogon to load a DLL on startup. Adversaries may take advantage of this feature to load adversarial code at startup.
CAPEC-69: Target Programs with Elevated Privileges
This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
CAPEC-77: Manipulating User-Controlled Variables
This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the adversary can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.