A high-severity authentication bypass vulnerability has been discovered in ClawDBot, a popular npm package, enabling attackers to achieve remote code execution through a single malicious link. The flaw stems from the insufficient validation of the gateway URL parameter, combined with automatic connection behaviour that exposes authentication tokens to unauthorised actors. Vulnerability Overview The vulnerability, identified […]

The post 1-Click Flaw in ClawDBot Allows Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/1-click-flaw-in-clawdbot/