Skip to content
Threat Feed
high advisory

Remote Server-Side Request Forgery in Sipeed PicoClaw (CVE-2026-16084)

A server-side request forgery (SSRF) vulnerability, CVE-2026-16084, has been identified in Sipeed PicoClaw versions up to 0.2.9, allowing remote exploitation due to a weakness in the `web_fetch` function of `pkg/tools/integration/web.go`, with a public exploit available.

A high-severity server-side request forgery (SSRF) vulnerability, tracked as CVE-2026-16084, has been discovered in Sipeed PicoClaw, affecting all versions up to and including 0.2.9. The weakness resides within the web_fetch function located in the pkg/tools/integration/web.go file, allowing for remote exploitation without authentication. Attackers can manipulate server-side requests to access internal network resources or bypass external restrictions. A public exploit for this vulnerability is available, increasing the immediate risk of exploitation. Defenders should prioritize patching this vulnerability to prevent potential network compromise and data exposure.

Attack Chain

  1. An unauthenticated attacker sends a crafted HTTP request to a vulnerable Sipeed PicoClaw server, specifically targeting the web_fetch function.
  2. The attacker embeds a malicious URL, which could point to an internal network resource (e.g., 192.168.1.100, localhost) or a controlled external service, within the request parameters.
  3. The web_fetch function in pkg/tools/integration/web.go processes this attacker-controlled input without sufficient validation or sanitization.
  4. As a result, the Sipeed PicoClaw server's process (e.g., picoclaw) initiates an unexpected outbound network connection to the URL specified by the attacker.
  5. The server acts as an unwitting proxy, making a request on behalf of the attacker to the target resource.
  6. The response from the target resource is then transmitted back to the Sipeed PicoClaw server, which may relay it to the attacker, potentially exposing sensitive information.
  7. The attacker leverages the server's elevated access to perform actions such as internal network enumeration, port scanning, accessing sensitive services, or bypassing firewall rules.

Impact

Successful exploitation of CVE-2026-16084 can lead to significant network exposure and potential data exfiltration. Attackers can use the vulnerable PicoClaw server to access services and systems on internal networks that are otherwise inaccessible from the internet. This includes scanning internal ports, accessing internal APIs, or retrieving sensitive data from other internal applications. The public availability of an exploit significantly increases the likelihood of widespread attacks, making unpatched systems prime targets for network reconnaissance and further compromise.

Recommendation

  • Immediately apply the patch associated with commit c15aac21fe05ee103a470e1104bc891754e83392 to all Sipeed PicoClaw installations to mitigate CVE-2026-16084.
  • Deploy the Sigma rule "Detect Possible SSRF Outbound Connection from Sipeed PicoClaw (CVE-2026-16084)" to your SIEM to identify suspicious outbound network connections originating from the picoclaw process.
  • Enable comprehensive network connection logging for all servers running Sipeed PicoClaw to monitor for unexpected outbound traffic to internal or unusual external IP addresses.

Detection coverage 1

Detect Possible SSRF Outbound Connection from Sipeed PicoClaw (CVE-2026-16084)

high

Detects CVE-2026-16084 exploitation by identifying suspicious outbound network connections initiated by the Sipeed PicoClaw application, potentially indicating server-side request forgery (SSRF). This rule assumes the executable name for PicoClaw is 'picoclaw' and it may run on Linux or Windows.

sigma tactics: command_and_control, discovery techniques: T1090.003, T1595.001 sources: network_connection, linux

Detection queries are available on the platform. Get full rules →

Indicators of compromise

1

hash_sha1

8

url

TypeValue
urlhttps://github.com/sipeed/picoclaw/
urlhttps://github.com/sipeed/picoclaw/commit/c15aac21fe05ee103a470e1104bc891754e83392
hash_sha1c15aac21fe05ee103a470e1104bc891754e83392
urlhttps://github.com/sipeed/picoclaw/issues/3074
urlhttps://github.com/sipeed/picoclaw/pull/3143
urlhttps://vuldb.com/cve/CVE-2026-16084
urlhttps://vuldb.com/submit/852946
urlhttps://vuldb.com/vuln/379796
urlhttps://vuldb.com/vuln/379796/cti