Impact
NanoClaw software before version 2.1.0 allows a flaw in the channel‑registration approval workflow that does not enforce proper admin‑level authentication when handling approval responses. By sending forged or outdated connect‑callback messages, a user with scoped‑admin privileges can register channels for agent groups that are normally out of scope. This enables the attacker to view or control activity in restricted agent groups, effectively granting elevated privileges within the NanoClaw environment. The likely attack vector is that an authenticated scoped‑admin user submits forged or stale connect‑callback requests; this inference follows from the requirement that the attacker must already hold scoped‑admin rights to exploit the flaw.
Affected Systems
The vulnerability affects NanoCoAI’s NanoClaw product for all versions earlier than 2.1.0. No additional product or version qualifiers are listed; the issue is present in any pre‑2.1.0 release. Based on the description, the vulnerability applies to any NanoClaw instance running a pre‑2.1.0 version.
Risk and Exploitability
The CVSS score of 5.3 indicates a moderate severity, and the EPSS score is not available. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires the attacker to obtain at least scoped‑admin rights on the NanoClaw instance and forge or replay a connect‑callback message. Once the callback is accepted, the attacker can create or manipulate channels that reference agent groups outside their administrative scope, leading to unauthorized observation or control of those groups. Based on the description, the likely attack vector involves an internal network or a privileged user session with scoped‑admin access, rather than a public‑facing exploit.
OpenCVE Enrichment