<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>PicoClaw (0.2.9 and Earlier) - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/picoclaw-0.2.9-and-earlier/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Sat, 18 Jul 2026 09:18:22 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/picoclaw-0.2.9-and-earlier/feed.xml" rel="self" type="application/rss+xml"/><item><title>Remote Server-Side Request Forgery in Sipeed PicoClaw (CVE-2026-16084)</title><link>https://feed.craftedsignal.io/briefs/2026-07-sipeed-picoclaw-ssrf/</link><pubDate>Sat, 18 Jul 2026 09:18:22 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-sipeed-picoclaw-ssrf/</guid><description>A server-side request forgery (SSRF) vulnerability, CVE-2026-16084, has been identified in Sipeed PicoClaw versions up to 0.2.9, allowing remote exploitation due to a weakness in the `web_fetch` function of `pkg/tools/integration/web.go`, with a public exploit available.</description><content:encoded><![CDATA[<p>A high-severity server-side request forgery (SSRF) vulnerability, tracked as CVE-2026-16084, has been discovered in Sipeed PicoClaw, affecting all versions up to and including 0.2.9. The weakness resides within the <code>web_fetch</code> function located in the <code>pkg/tools/integration/web.go</code> file, allowing for remote exploitation without authentication. Attackers can manipulate server-side requests to access internal network resources or bypass external restrictions. A public exploit for this vulnerability is available, increasing the immediate risk of exploitation. Defenders should prioritize patching this vulnerability to prevent potential network compromise and data exposure.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An unauthenticated attacker sends a crafted HTTP request to a vulnerable Sipeed PicoClaw server, specifically targeting the <code>web_fetch</code> function.</li>
<li>The attacker embeds a malicious URL, which could point to an internal network resource (e.g., <code>192.168.1.100</code>, <code>localhost</code>) or a controlled external service, within the request parameters.</li>
<li>The <code>web_fetch</code> function in <code>pkg/tools/integration/web.go</code> processes this attacker-controlled input without sufficient validation or sanitization.</li>
<li>As a result, the Sipeed PicoClaw server's process (e.g., <code>picoclaw</code>) initiates an unexpected outbound network connection to the URL specified by the attacker.</li>
<li>The server acts as an unwitting proxy, making a request on behalf of the attacker to the target resource.</li>
<li>The response from the target resource is then transmitted back to the Sipeed PicoClaw server, which may relay it to the attacker, potentially exposing sensitive information.</li>
<li>The attacker leverages the server's elevated access to perform actions such as internal network enumeration, port scanning, accessing sensitive services, or bypassing firewall rules.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-16084 can lead to significant network exposure and potential data exfiltration. Attackers can use the vulnerable PicoClaw server to access services and systems on internal networks that are otherwise inaccessible from the internet. This includes scanning internal ports, accessing internal APIs, or retrieving sensitive data from other internal applications. The public availability of an exploit significantly increases the likelihood of widespread attacks, making unpatched systems prime targets for network reconnaissance and further compromise.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately apply the patch associated with commit <code>c15aac21fe05ee103a470e1104bc891754e83392</code> to all Sipeed PicoClaw installations to mitigate CVE-2026-16084.</li>
<li>Deploy the Sigma rule &quot;Detect Possible SSRF Outbound Connection from Sipeed PicoClaw (CVE-2026-16084)&quot; to your SIEM to identify suspicious outbound network connections originating from the <code>picoclaw</code> process.</li>
<li>Enable comprehensive network connection logging for all servers running Sipeed PicoClaw to monitor for unexpected outbound traffic to internal or unusual external IP addresses.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>ssrf</category><category>vulnerability</category><category>remote-exploitation</category><category>sipeed</category><category>picoclaw</category></item></channel></rss>