A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management …

A remote command injection vulnerability was discovered in PicoClaw versions up to 0.2.4. The vulnerability affects an unknown function in the /api/gateway/restart file of the Web Launcher Management Plane component. Attackers can exploit this vulnerability remotely by performing manipulation that results in command injection. The project maintainers have been notified through an issue report but have not responded yet. This represents a high-severity security risk due to the remote exploitability and command injection nature of the vulnerability.