CVE-2026-15319
Received Received - Intake

Improper Access Control in Sipeed PicoClaw Launcher

Vulnerability report for CVE-2026-15319, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-10

Last updated on: 2026-07-10

Assigner: VulDB

Description

A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. This affects the function IPAllowlist of the file web/backend/middleware/access_control.go of the component Launcher. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The name of the patch is 3126. A patch should be applied to remediate this issue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-10
Last Modified
2026-07-10
Generated
2026-07-10
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
sipeed picoclaw to 0.2.9 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Sipeed PicoClaw launcher, specifically in the IPAllowlist function of the access control middleware. The issue arises because the launcher trusts the RemoteAddr header to determine the client's IP address. When the launcher is deployed behind a reverse proxy on the same host, an attacker can manipulate this header to bypass IP-based restrictions.

The vulnerability allows an attacker to route requests through a local proxy, causing the launcher to misclassify the request as coming from a trusted loopback address (127.0.0.1). This bypasses the configured CIDR restrictions and grants unauthorized access to restricted HTTP endpoints.

The flaw affects the middleware code in web/backend/middleware/access_control.go and can be exploited remotely. A patch has been released to improve diagnostics and prevent this bypass by better handling of the allowlist and proxy scenarios.

Impact Analysis

This vulnerability can lead to unauthorized access to restricted launcher routes and sensitive endpoints that were intended to be protected by IP-based access controls.

  • Attackers can bypass IP allowlist restrictions by exploiting the trust in the RemoteAddr header when the launcher is behind a same-host reverse proxy.
  • Sensitive endpoints such as /api/auth/status can be accessed without proper authorization, exposing potentially sensitive information.
  • Attackers may also compromise first-run setup flows like /api/auth/setup, allowing them to initialize or reset dashboard passwords, leading to full control over the launcher.

Overall, this can result in unauthorized remote access, data exposure, and potential takeover of the affected system.

Detection Guidance

This vulnerability can be detected by testing whether requests routed through a same-host reverse proxy bypass the IP allowlist restrictions. Specifically, sending requests directly to restricted endpoints like /api/auth/status should result in a 403 Forbidden response, but if the same request routed through a local proxy returns a 200 OK response with sensitive data, it indicates the vulnerability.

To detect this on your system, you can perform the following steps:

  • Send a direct HTTP request to a restricted endpoint, for example: curl -i http://<picoclaw-host>/api/auth/status
  • Send the same request through the local reverse proxy (running on the same host) to see if the response differs: curl -i -x http://127.0.0.1:<proxy-port> http://<picoclaw-host>/api/auth/status

If the direct request is blocked (403) but the proxied request succeeds (200), this confirms the access control bypass vulnerability.

Additionally, reviewing the launcher startup logs for diagnostics related to allow_localhost_bypass settings and non-loopback host bindings can help identify potential bypass attempts.

Mitigation Strategies

The immediate mitigation step is to apply the patch referenced as pull request 3126, which fixes the vulnerability by improving the IP allowlist mechanism and adding better runtime diagnostics to prevent bypass via same-host reverse proxies.

Until the patch is applied, consider the following temporary measures:

  • Avoid deploying the PicoClaw launcher behind a same-host reverse proxy that could manipulate the RemoteAddr header.
  • Restrict access to the launcher service to trusted networks and hosts to reduce exposure.
  • Monitor launcher logs for unusual access patterns or indications that allow_localhost_bypass is enabled or omitted.

Applying the official patch is the recommended and most effective way to remediate the issue.

Compliance Impact

The vulnerability in Sipeed PicoClaw allows unauthorized remote access by bypassing IP-based access controls, potentially exposing sensitive endpoints and data.

Such unauthorized access and exposure of sensitive data could lead to non-compliance with common standards and regulations like GDPR and HIPAA, which require strict access controls and protection of personal and sensitive information.

Therefore, if exploited, this vulnerability may result in violations of data protection requirements, increasing the risk of regulatory penalties and loss of trust.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15319. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart