Aggregator

Moltbot AI 助手企业部署引发数据安全隐患 或致API密钥等敏感数据泄露

嘶吼
2 days 7 hours ago

安全研究人员发出警告,企业环境中对Moltbot(前身为Clawdbot)人工智能助手的非安全化部署,可能导致API密钥、OAuth令牌、对话记录及各类凭证信息泄露。

据悉,Moltbot是一款可深度集成系统的开源个人AI助手,能本地部署在用户设备中,还可直接与即时通讯工具、邮件客户端等应用及文件系统实现集成。

与云端聊天机器人不同,Moltbot可在本地7×24小时运行,支持持久化记忆、主动向用户推送提醒/通知、执行定时任务等功能。正是这些实用功能与简便的部署方式,让Moltbot迅速走红,甚至推动了Mac Mini的销量增长——不少人为这款机器人专门购置了专属部署主机。

管理界面暴露引安全风险

多名安全研究人员提醒,若对Moltbot的部署操作疏忽大意,结合其在主机上的权限与访问级别,可能引发敏感数据泄露、企业数据曝光、凭证被盗、命令执行等一系列安全问题。 

有相关人员重点指出了其中部分安全隐患。因反向代理配置错误,目前已有数百个Clawdbot Control管理界面暴露在公网中。 

由于Clawdbot会自动通过所有“本地”连接请求,部署在反向代理后的该程序,往往会将所有网络流量均视为可信来源,这导致许多暴露的实例存在未授权访问、凭证被盗、对话记录可被查看、命令可被执行,甚至能被获取系统根级访问权限等问题。 

该研究人员称:“有人在其面向公网的clawdbot控制服务器上,绑定了自己的Signal加密即时通讯账户,且该服务器拥有该账户的完整读取权限。” 

服务器上不仅有Signal设备的关联统一资源标识符,还有对应的二维码。在安装了Signal的手机上点击该标识符,就能配对该账户并获得完整访问权限。

研究人员曾尝试与该聊天机器人交互以解决上述问题,机器人虽回复会提醒服务器所有者,却无法提供任何联系方式。

研究人员与暴露的 Moltbot 实例互动

此外,工作人员还发布了第二部分研究成果,演示了如何通过供应链攻击针对Moltbot用户——通过制作一个包含简易“ping”载荷的技能模块(封装指令集或功能模块),以此实施攻击。

该开发者将这个恶意技能模块发布至Moltbot官方的MoltHub(原ClawdbotHub)注册表,并人为刷高其下载量,使其成为该平台最热门的资源。 

在不到8小时的时间里,已有来自7个国家的16名开发者,下载了这个被人为推广的恶意技能模块。

企业面临多重安全威胁

尽管Moltbot本更适用于个人用户,但安全公司称,其22%的企业客户中,均有员工在未获得IT部门批准的情况下,擅自使用该AI助手。

目前已识别出多项潜在风险,包括网关与API/OAuth令牌暴露、凭证信息以明文形式存储在~/.clawdbot/目录下、通过AI中介访问导致企业数据泄露,以及提示注入攻击面扩大等。 

其中一大核心隐患是,这款AI助手默认未开启沙箱隔离机制,这意味着该机器人拥有与用户完全相同的数据访问权限。 

多个安全团队均针对Moltbot发出了类似的安全警告。据发现,已有攻击者将暴露的Moltbot端点作为目标,实施凭证窃取与提示注入攻击。像RedLine、Lumma和Vidar等信息窃取恶意软件,近期或将完成适配,把Moltbot的本地存储作为攻击目标,窃取其中的敏感数据与账户凭证。 

此外,有安全研究人员还发现了一起仿冒Clawdbot的恶意VSCode插件事件,该插件会在开发者的设备中安装ScreenConnect远程访问木马。 

安全部署Moltbot需要相关的专业知识与严谨的操作态度,其中关键是将AI实例隔离在虚拟机中运行,并为其网络访问配置防火墙规则,而非直接以根权限在主机操作系统中运行该程序。

胡金鱼

CVE-2025-9974 | Nokia ONT prior BBDR2503 Unified WEBUI Application os command injection

Vuldb Updates
2 days 7 hours ago
A vulnerability was found in Nokia ONT. It has been classified as critical. The impacted element is an unknown function of the component Unified WEBUI Application. The manipulation leads to os command injection. This vulnerability is documented as CVE-2025-9974. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-61634 | Wikimedia MediaWiki up to 1.39.13/1.43.3/1.44.0 PageHTMLHandler.Php cross site scripting (CNNVD-202602-190)

Vuldb Updates
2 days 7 hours ago
A vulnerability classified as problematic was found in Wikimedia MediaWiki up to 1.39.13/1.43.3/1.44.0. This issue affects some unknown processing of the file includes/Rest/Handler/PageHTMLHandler.Php. Executing a manipulation can lead to cross site scripting. This vulnerability appears as CVE-2025-61634. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2025-6591 | Wikimedia MediaWiki up to 1.39.12/1.43.x ApiFeedContributions.Php privilege escalation

Vuldb Updates
2 days 7 hours ago
A vulnerability has been found in Wikimedia MediaWiki up to 1.39.12/1.43.x and classified as problematic. Affected is an unknown function of the file includes/api/ApiFeedContributions.Php. Performing a manipulation results in privilege escalation. This vulnerability is known as CVE-2025-6591. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2025-6597 | Wikimedia MediaWiki up to 1.39.12/1.42.6/1.43.1/1.43.x AuthManager.Php Remote Code Execution

Vuldb Updates
2 days 7 hours ago
A vulnerability was found in Wikimedia MediaWiki up to 1.39.12/1.42.6/1.43.1/1.43.x. It has been declared as critical. This affects an unknown part of the file includes/auth/AuthManager.Php. The manipulation results in Remote Code Execution. This vulnerability was named CVE-2025-6597. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-61638 | Wikimedia Parsoid up to 0.16.5/0.20.3/0.21.0 Sanitizer.Php cross site scripting (CNNVD-202602-183)

Vuldb Updates
2 days 7 hours ago
A vulnerability was found in Wikimedia Parsoid up to 0.16.5/0.20.3/0.21.0. It has been classified as problematic. This issue affects some unknown processing of the file includes/parser/Sanitizer.Php. This manipulation causes cross site scripting. This vulnerability is handled as CVE-2025-61638. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-61636 | Wikimedia MediaWiki up to 1.39.13/1.43.3/1.44.0 HTMLButtonField.Php cross site scripting (CNNVD-202602-187)

Vuldb Updates
2 days 7 hours ago
A vulnerability, which was classified as problematic, has been found in Wikimedia MediaWiki up to 1.39.13/1.43.3/1.44.0. This vulnerability affects unknown code of the file includes/htmlform/fields/HTMLButtonField.Php. The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-61636. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-6594 | Wikimedia MediaWiki up to 1.39.12/1.43.x ApiSandbox.Js cross site scripting

Vuldb Updates
2 days 7 hours ago
A vulnerability labeled as problematic has been found in Wikimedia MediaWiki up to 1.39.12/1.43.x. Affected is an unknown function of the file resources/src/mediawiki.Special.Apisandbox/ApiSandbox.Js. Such manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-6594. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2025-6596 | Wikimedia Vector up to 1.42.6/1.43.1/1.43.x portlets.Js cross site scripting

Vuldb Updates
2 days 7 hours ago
A vulnerability marked as problematic has been reported in Wikimedia Vector up to 1.42.6/1.43.1/1.43.x. Affected by this vulnerability is an unknown functionality of the file resources/skins.Vector.Js/portlets.Js. Performing a manipulation results in cross site scripting. This vulnerability was named CVE-2025-6596. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-6595 | Wikimedia MultimediaViewer up to 1.39.12/1.42.6/1.43.1/1.43.x cross site scripting

Vuldb Updates
2 days 7 hours ago
A vulnerability classified as problematic was found in Wikimedia MultimediaViewer up to 1.39.12/1.42.6/1.43.1/1.43.x. This vulnerability affects unknown code. The manipulation results in cross site scripting. This vulnerability is identified as CVE-2025-6595. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2025-61637 | Wikimedia MediaWiki up to 1.39.13/1.43.3/1.44.0 mediawiki.Action.Edit.Preview.Js cross site scripting (CNNVD-202602-185)

Vuldb Updates
2 days 7 hours ago
A vulnerability, which was classified as problematic, has been found in Wikimedia MediaWiki up to 1.39.13/1.43.3/1.44.0. Affected by this issue is some unknown functionality of the file resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2025-61637. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-1770 | Crafter CMS up to 4.4.x dynamically-managed code resources (EUVD-2026-5112)

Vuldb Updates
2 days 7 hours ago
A vulnerability has been found in Crafter CMS up to 4.4.x and classified as problematic. This impacts an unknown function. This manipulation causes dynamically-managed code resources. The identification of this vulnerability is CVE-2026-1770. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2022-50942 | Inciga Web 2.8.2 icinga.min.js EventListener.handleEvent cross site scripting (EUVD-2022-55948 / Nessus ID 297507)

Vuldb Updates
2 days 7 hours ago
A vulnerability classified as problematic has been found in Inciga Web 2.8.2. The affected element is the function EventListener.handleEvent of the file icinga.min.js. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2022-50942. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

德国DDR5内存价格停止上涨 20款内存套装1月涨幅0.1% 但高性能版仍在涨价

不安全
2 days 7 hours ago
好,我现在要帮用户总结这篇文章的内容,控制在100字以内。首先,我需要通读全文,抓住主要信息。 文章主要讲德国市场上的DDR5内存价格情况。提到20款内存套装1月平均涨幅只有0.1%,相比之前的5%-10%涨幅明显放缓。但高性能内存,比如48GB*2-6400的套条价格上涨了17%,6400及以上的内存依然很贵。 还有,虽然整体价格企稳,但目前价格依然很高,用户还在纠结是否购买。不同配置的内存涨跌不一,比如32GB*2-6400降价了15%,而32GB DDR5-6000的价格涨了432%。 接下来,我需要把这些信息浓缩到100字以内。重点包括:德国市场DDR5价格涨幅放缓,高性能内存继续涨价,部分套装降价,但高价依旧。 最后,确保语言简洁明了,不使用“文章内容总结”之类的开头。 德国市场DDR5内存套装价格1月涨幅仅0.1%,较此前5%-10%的涨幅明显放缓。然而高性能内存如48GB*2-6400套条价格上涨17%,6400及以上内存仍需高价购买。部分套装如32GB*2-6400降价约15%,但整体高价局面未改。

Managed ad