CVE-2026-10583: SSRF in nextlevelbuilder GoClaw
A server-side request forgery (SSRF) vulnerability exists in nextlevelbuilder GoClaw versions up to 3.11.3. The flaw is located in the TTS Configuration Endpoint's Import function, which fails to properly validate or restrict outbound HTTP requests. An authenticated attacker with high privileges can exploit this to make the affected server initiate requests to internal or external systems on their behalf, potentially accessing sensitive internal resources or launching further attacks. The vulnerability has been publicly disclosed.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 4.7 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
- Weaknesses (CWE)
- CWE-918
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-02 / 2026-06-17
NVD description (verbatim)
A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. Affected by this issue is the function Import of the file internal/http/tts_config.go of the component TTS Configuration Endpoint. The manipulation leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The project tagged the reported issue as bug.
7 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-10583 is an SSRF vulnerability (CWE-918) in the Import function of internal/http/tts_config.go within GoClaw's TTS Configuration Endpoint. The vulnerability allows manipulation of request handling without proper validation of target URLs. The attack vector is network-based with low attack complexity. While the CVSS 3.1 score of 4.7 reflects a medium severity rating, the impact encompasses confidentiality, integrity, and availability through the ability to forge server requests. Exploitation requires high-level authentication privileges but no user interaction.
Business impact
This vulnerability enables authenticated attackers to pivot from their authorized access point toward internal infrastructure. By forcing the GoClaw server to request internal resources, an attacker could exfiltrate configuration data, access backend services behind firewalls, or scan internal network topology. In environments where GoClaw sits between public and private networks, this becomes a bridgehead for lateral movement. The public disclosure increases the likelihood of weaponization by threat actors seeking to establish deeper footholds in compromised networks.
Affected systems
nextlevelbuilder GoClaw through version 3.11.3 is affected. Users operating version 3.11.3 or earlier should assume exposure. Organizations running newer versions should verify their actual deployment version matches current releases. The vulnerability is confined to GoClaw; downstream consumers of GoClaw should assess whether their deployments fall within the affected version range.
Exploitability
The vulnerability requires authentication with high-privilege credentials, which moderates real-world exploitability in properly segmented environments. However, the low attack complexity and network accessibility mean that once an attacker holds such credentials—via password compromise, insider threat, or lateral movement—exploitation is straightforward. Public disclosure and the relatively simple nature of SSRF attacks increase the risk that threat actors will attempt this vector against known or suspected GoClaw installations.
Remediation
Upgrade nextlevelbuilder GoClaw to a version released after the vulnerability was disclosed (verify against the vendor advisory for the exact patched version). Organizations unable to upgrade immediately should implement network-level controls restricting outbound requests from GoClaw servers to only legitimate external destinations, and enforce strict authentication and authorization policies for TTS Configuration Endpoint access.
Patch guidance
Check the nextlevelbuilder GoClaw release notes and security advisories for versions released after 2026-06-02 (the publication date of this CVE). Vendors typically provide patches within days or weeks of public disclosure for medium-severity vulnerabilities. Test patches in a staging environment before production deployment to ensure no operational impact on existing TTS configurations. Coordinate patching with any dependent systems that rely on GoClaw's TTS functionality.
Detection guidance
Monitor HTTP request logs from GoClaw servers for unusual outbound connections, particularly to internal IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) or unexpected external hosts. Look for POST or GET requests to the TTS Configuration Endpoint (internal/http/tts_config.go) originating from high-privilege accounts. Track authentication attempts to GoClaw with administrative credentials that deviate from normal patterns. Implement network segmentation to limit what GoClaw can reach, and use firewall rules to alert on or block suspicious egress traffic from the application.
Why prioritize this
While the CVSS score of 4.7 is moderate, prioritization should account for: (1) public disclosure increasing attacker awareness and tooling availability; (2) the vulnerability's role as a potential stepping stone for lateral movement in multi-tier architectures; (3) the requirement for high-privilege authentication, which is often achievable through compromise of administrative accounts. Organizations with GoClaw deployed in trusted-zone architectures or hybrid cloud setups should treat this as higher priority than the numeric score alone suggests.
Risk score, explained
The CVSS 3.1 score of 4.7 (Medium) reflects attack vector (Network), attack complexity (Low), privilege requirement (High), and user interaction (None). The score caps impact to confidentiality, integrity, and availability at Low due to the architectural constraint that only the authenticated attacker benefits. However, in threat modeling, SSRF vulnerabilities often serve as pivots; the score does not account for multi-stage attack chains where this vulnerability enables reconnaissance or access to critical backend services. Adjust risk posture based on your network segmentation and the sensitivity of resources GoClaw can reach.
Frequently asked questions
Do I need to upgrade immediately if I'm running GoClaw 3.11.3?
Yes. Although exploitation requires high-privilege authentication, public disclosure means threat actors are likely analyzing this vulnerability. If any administrative credentials have been compromised—through phishing, password reuse, or insider risk—your GoClaw instance is exposed. Upgrade as soon as you have tested the patch in staging. If you cannot upgrade within 48–72 hours, implement compensating controls such as network segmentation and request rate limiting on the TTS Configuration Endpoint.
Can an unauthenticated attacker exploit this vulnerability?
No. The vulnerability requires high-level authentication credentials. However, this does not eliminate risk; many organizations have multiple administrators or service accounts with these permissions, and credential compromise is common. Additionally, in environments with SSO or federation, a single compromised user account might grant access across multiple systems.
What can an attacker actually do with this SSRF vulnerability?
An attacker can force the GoClaw server to make HTTP requests to any URL they specify, including internal IP addresses and services not exposed to the internet. Common attacks include: querying internal metadata services (like cloud provider IMDSv1 endpoints), enumerating internal DNS names, accessing internal APIs or dashboards, and exfiltrating configuration files or secrets. In some cases, chained with other vulnerabilities, SSRF can enable remote code execution.
Does my network segmentation protect me from this vulnerability?
Partially. If GoClaw is properly segmented and only permitted to reach specific external hosts via firewall rules, the attacker's ability to pivot is constrained. However, segmentation is most effective when combined with patching. Do not rely on segmentation alone as a substitute for upgrades; deploy both.
This analysis is provided for informational purposes to aid vulnerability management and risk assessment. SEC.co does not guarantee the accuracy or completeness of patch version information; always consult the official nextlevelbuilder security advisory and release notes. No exploit code or weaponized proof-of-concept is provided in this document. Testing any patches or detection rules in production environments carries inherent risk; perform changes in isolated or test environments first. This document does not constitute legal advice or a guarantee of security. Your organization remains responsible for assessing the applicability and impact of this vulnerability to your specific infrastructure. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Weaknesses (CWE)
Related vulnerabilities
- CVE-2026-10052MEDIUMQuay SSRF in LDAP/SMTP Validation—Internal Network Reconnaissance Risk
- CVE-2026-10177MEDIUMSSRF in Aider-AI Aider 0.86.3 AWS Metadata Endpoint
- CVE-2026-10239MEDIUMJeecgBoot Server-Side Request Forgery (SSRF) in Word Editing Module
- CVE-2026-10240MEDIUMJeecgBoot SSRF Vulnerability in /airag/airagModel/test Endpoint
- CVE-2026-10241MEDIUMJimuReport SSRF in File Download Function – Patch to 3.9.2
- CVE-2026-10274MEDIUMServer-Side Request Forgery in aem-mcp-server
- CVE-2026-10276MEDIUMJenkins-server-mcp SSRF Vulnerability (0.1.0)
- CVE-2026-10517MEDIUMClair SSRF Vulnerability – Unfiltered HTTP Requests Leak Metadata