CVE-2026-16128
zevorn · rt-claw
A Server-Side Request Forgery (SSRF) vulnerability exists in zevorn rt-claw versions 0.1 and 0.2.0, allowing unauthenticated remote attackers to trigger unauthorized network requests.
Executive summary
The zevorn rt-claw application is affected by an unauthenticated Server-Side Request Forgery vulnerability that could permit unauthorized network interactions.
Vulnerability
This is a Server-Side Request Forgery (CWE-918) vulnerability where the application fails to properly validate user-supplied input before making outbound requests. The attack vector is network-based and requires no authentication.
Business impact
The vulnerability carries a CVSS score of 7.3, reflecting a high-severity risk. Successful exploitation may allow an attacker to probe internal network resources, bypass firewall restrictions, or interact with sensitive internal services that are not exposed to the public internet, potentially leading to unauthorized data access or further lateral movement.
Remediation
Immediate Action: Monitor the official zevorn rt-claw repository for the release of a patched version and apply it immediately upon availability.
Proactive Monitoring: Review web server and application logs for suspicious outbound requests to internal IP addresses or unusual destination ports originating from the rt-claw service.
Compensating Controls: Implement strict egress filtering on the host running rt-claw to restrict network connections to only known, required external endpoints.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Given the high CVSS score and the nature of SSRF vulnerabilities, organizations should prioritize restricting the network access of the affected server. Ensure that the application is not permitted to initiate connections to internal infrastructure until a vendor-supplied patch is applied.