A vulnerability was found in zevorn rt-claw up to 0.2.0. The affected element is the function claw_net_get/claw_net_post of the file claw/services/tools/net.c of the component http_request. The manipulation of the argument url results in server-side request forgery. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Metrics
Affected Vendors & Products
References
History
Sat, 18 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was found in zevorn rt-claw up to 0.2.0. The affected element is the function claw_net_get/claw_net_post of the file claw/services/tools/net.c of the component http_request. The manipulation of the argument url results in server-side request forgery. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet. | |
| Title | zevorn rt-claw http_request net.c claw_net_post server-side request forgery | |
| First Time appeared |
Zevorn
Zevorn rt-claw |
|
| Weaknesses | CWE-918 | |
| CPEs | cpe:2.3:a:zevorn:rt-claw:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Zevorn
Zevorn rt-claw |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-07-18T15:15:08.064Z
Updated: 2026-07-18T15:15:08.064Z
Reserved: 2026-07-17T16:08:22.751Z
Link: CVE-2026-16125
No data.
No data.
No data.