CVE-2026-6987
Received Received - Intake
Remote Command Injection in PicoClaw Web Launcher Management Plane

Publication date: 2026-04-25

Last updated on: 2026-05-01

Assigner: VulDB

Description
A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-25
Last Modified
2026-05-01
Generated
2026-06-16
AI Q&A
2026-04-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-6987
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sipeed picoclaw to 0.2.4 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The CVE-2026-6987 vulnerability in PicoClaw version 0.2.4 is an unauthenticated remote code execution (RCE) issue through the Web Launcher management plane.

Specifically, unauthenticated users can modify the config.json file by injecting arbitrary commands into the hooks.processes[*].command field.

After injecting commands, an unauthenticated POST request to /api/gateway/restart restarts the gateway, causing the injected commands to execute immediately as process hooks.

This happens especially when PicoClaw is started with the -public flag or deployed with an accessible management plane in the same CIDR segment, and when allowed_cidrs is empty or includes the attacker's IP.

The vulnerability arises due to lack of authentication and insufficient input validation, allowing remote attackers to execute arbitrary commands.

Impact Analysis

This vulnerability allows an attacker to remotely execute arbitrary commands on the affected system without authentication.

Such remote code execution can lead to full system compromise, unauthorized access to sensitive data, disruption of services, and potential use of the system as a foothold for further attacks.

Because the attacker can restart the gateway to trigger the malicious commands, the impact is immediate and can be exploited remotely.

Detection Guidance

This vulnerability can be detected by checking if the PicoClaw management interface is accessible without authentication, especially if it is started with the -public flag or deployed within an accessible CIDR segment.

You can look for unauthenticated POST requests to the /api/gateway/restart endpoint, which triggers the command injection.

Additionally, inspecting the config.json file for suspicious or arbitrary commands in the hooks.processes[*].command field can indicate exploitation.

  • Use curl or similar tools to test access: curl -X POST http://<target-ip>/api/gateway/restart
  • Check the config.json file for injected commands, for example: grep -r 'hooks.processes' /path/to/config.json
  • Scan network for open management interfaces on the PicoClaw device, especially those accessible without authentication.
Mitigation Strategies

Immediate mitigation steps include enforcing mandatory identity authentication on the PicoClaw management interface to prevent unauthenticated access.

Implement strict validation of input paths and parameters for commands specified in the hooks configuration to prevent unauthorized command injection.

Avoid starting the PicoClaw launcher with the -public flag or ensure that the allowed_cidrs configuration does not include untrusted IP addresses.

Compliance Impact

The vulnerability allows unauthenticated remote code execution via the management interface, which can lead to unauthorized access and control over the affected system.

Such unauthorized access and potential data manipulation or exposure could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls over data confidentiality, integrity, and access.

Specifically, failure to enforce authentication and input validation as described in the vulnerability could result in breaches of personal or sensitive data, violating regulatory requirements for protecting such information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6987. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart