Vulnerability Description
Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests to ticket endpoints. Attackers can exploit insufficient access control checks on the /v1/leases/:id/code/ticket, /v1/leases/:id/webvnc/ticket, and /v1/leases/:id/egress/ticket endpoints to obtain bridge-agent tickets and impersonate trusted lease-side bridges despite having only visibility permissions.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/openclaw/crabbox/commit/95cb30dc7dbaa1fef690a42ef6ac1cb6e307a
- https://github.com/openclaw/crabbox/pull/71
- https://github.com/openclaw/crabbox/releases/tag/v0.12.0
- https://www.vulncheck.com/advisories/crabbox-privilege-escalation-via-agent-tick
- https://github.com/openclaw/crabbox/pull/71
FAQ
What is CVE-2026-8629?
CVE-2026-8629 is a vulnerability with a CVSS score of 8.1 (HIGH). Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests to...
How severe is CVE-2026-8629?
CVE-2026-8629 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8629?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.