
CVE Reports

Originally published at cvereports.com

GHSA-C28G-VH7M-FM7V: Improper Authorization and Privilege Escalation in OpenClaw Command Resolution

Vulnerability ID: GHSA-C28G-VH7M-FM7V
CVSS Score: 5.5
Published: 2026-04-29

OpenClaw contains an improper authorization vulnerability: the framework does not adequately distinguish channel-level access rights from administrative command ownership. When a channel is configured with a wildcard sender policy and no explicit owner allowlist is defined, the fallback logic grants administrative privileges to any user communicating on that channel.

TL;DR

A flaw in OpenClaw's authorization logic allows unprivileged users to execute administrative commands if the communication channel relies on a wildcard sender policy and an explicit owner allowlist is not configured.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-285, CWE-863
  • Attack Vector: Network / Communication Channel
  • Authentication Required: None
  • Impact: Privilege Escalation, Authorization Bypass
  • CVSS Score: 5.5 (Moderate)
  • Exploit Status: Proof of Concept available via native commands

Affected Systems

  • OpenClaw: all releases prior to the 2026-04-21 patch (fixed in releases after 2026-04-21)

Code Analysis

  • Commit 2aa93d4: fix commit (1), addressing the authorization fallback logic
  • Commit 995febb: fix commit (2), decoupling channel-level authorization from administrative ownership

Mitigation Strategies

  • Update OpenClaw framework to a version released subsequent to the April 21, 2026 patch.
  • Explicitly define 'commands.ownerAllowFrom' in configuration files with specific administrator identifiers.
  • Avoid utilizing wildcard sender policies ('allowFrom: ["*"]') on channels where restricted commands are accessible.

Remediation Steps:

  1. Review the current OpenClaw version and determine whether the deployment predates the April 2026 patch cycle.
  2. Audit the bot configuration file to ensure 'enforceOwnerForCommands' is paired with an explicitly defined 'ownerAllowFrom' array.
  3. Inspect all active channel configurations and remove 'allowFrom: ["*"]' where general unauthenticated access is not strictly required.
  4. Apply the framework update and verify the mitigation by attempting to send a restricted command from an unlisted account on a wildcard channel.
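To make the failure mode concrete, the following is a constructed Python model (added here, not OpenClaw's code) of the fallback described above beside the corrected check, plus an audit for the weak configuration the remediation steps target. The configuration layout and the sample sender identifiers are assumptions; only the key names come from the advisory.

```python
# Constructed model of the flaw in GHSA-C28G-VH7M-FM7V, not OpenClaw's code.
# Assumed config layout: a "channels" list whose entries carry "allowFrom",
# and a "commands" object with "ownerAllowFrom" / "enforceOwnerForCommands".
WILDCARD = "*"

def channel_admits(channel: dict, sender: str) -> bool:
    """Channel-level access: may this sender talk to the bot on the channel?"""
    allow = channel.get("allowFrom", [])
    return WILDCARD in allow or sender in allow

def owners_of(config: dict) -> list:
    """Explicit owner allowlist; empty when commands.ownerAllowFrom is unset."""
    return config.get("commands", {}).get("ownerAllowFrom") or []

def is_owner_vulnerable(config: dict, channel: dict, sender: str) -> bool:
    """Pre-fix behaviour: with no explicit owner allowlist, fall back to the
    channel's sender policy. On an allowFrom ["*"] channel every sender passes."""
    owners = owners_of(config)
    if owners:
        return sender in owners
    return channel_admits(channel, sender)  # the flawed fallback

def is_owner_fixed(config: dict, channel: dict, sender: str) -> bool:
    """Post-fix behaviour: channel access never implies ownership. Only an
    explicit owner allowlist grants it; an absent list grants nobody."""
    return sender in owners_of(config)  # channel policy deliberately ignored

def audit_config(config: dict) -> list:
    """Flag the weak settings the advisory's remediation steps ask you to fix."""
    findings = []
    owners = owners_of(config)
    if config.get("commands", {}).get("enforceOwnerForCommands") and not owners:
        findings.append("enforceOwnerForCommands set without ownerAllowFrom")
    for ch in config.get("channels", []):
        if WILDCARD in ch.get("allowFrom", []) and not owners:
            findings.append(f"channel {ch['name']!r}: wildcard allowFrom, no owner allowlist")
    return findings

# Constructed sample configs: the weak setting beside the corrected one.
WEAK_CONFIG = {
    "channels": [{"name": "general", "allowFrom": ["*"]}],
    "commands": {"enforceOwnerForCommands": True},
}
HARDENED_CONFIG = {
    "channels": [{"name": "general", "allowFrom": ["*"]}],
    "commands": {"enforceOwnerForCommands": True, "ownerAllowFrom": ["admin-id"]},
}
```

Running `audit_config` over a deployment's configuration is the check behind remediation steps 2 and 3: the weak config yields two findings, the hardened one none.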
