CVE Reports

Originally published at cvereports.com

GHSA-GCJ7-R3HG-M7W6: Webhook Replay Vulnerability via Unsigned Idempotency Headers in OpenClaw

Vulnerability ID: GHSA-GCJ7-R3HG-M7W6
CVSS Score: 8.2
Published: 2026-03-03

A critical authentication bypass vulnerability exists in the OpenClaw voice-call extension, specifically within the Twilio webhook handler. The system implements event deduplication logic that prioritizes an unsigned HTTP header (i-twilio-idempotency-token) over cryptographically verified request components. This architectural flaw allows remote attackers to intercept valid, signed webhooks and replay them against the server by simply modifying the unverified idempotency token. Despite the presence of X-Twilio-Signature verification, the modified requests are accepted as new, unique events, leading to the unauthorized re-execution of voice call actions, potential financial loss via resource exhaustion (LLM/TTS costs), and corruption of conversation state.

TL;DR

OpenClaw versions prior to 2026.2.26 are vulnerable to webhook replay attacks. The application dedupes requests using an unsigned HTTP header, allowing attackers to replay valid Twilio events by modifying this header without invalidating the cryptographic signature.


Technical Details

  • Vulnerability Type: Authentication Bypass by Capture-replay
  • CWE ID: CWE-294, CWE-345
  • Affected Component: Twilio Webhook Handler
  • Attack Vector: Network
  • CVSS Score: 8.2 (High)
  • Patch Commit: 1aadf26f9acc399affabd859937a09468a9c5cb4

Affected Systems

  • openclaw (npm)
  • openclaw: <= 2026.2.25 (Fixed in: 2026.2.26)

Code Analysis

Commit: 1aadf26

fix: bind dedupe key to verified signature material

modified src/providers/twilio.ts to use verifiedRequestKey instead of header
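To make the flaw and the fix concrete, the following is an added example written for this post; it is not OpenClaw's code and not the content of commit 1aadf26. It reuses the name verifiedRequestKey from the commit message but the implementation, the handler, the sample event, the auth token and every other identifier are assumptions constructed for illustration. The signature computation follows Twilio's public request-validation scheme (base64 of an HMAC-SHA1 over the request URL followed by the alphabetically sorted form parameters). The vulnerable handler keys its dedupe cache on the unsigned i-twilio-idempotency-token header, so a signed event redelivered with a different token is treated as new; the hardened handler keys on material the signature check has already bound, so the same event is recognised as a duplicate regardless of that header.

```typescript
// Added example (not OpenClaw's code): a minimal Twilio-style webhook handler
// that shows the dedupe flaw from GHSA-GCJ7-R3HG-M7W6 beside the hardened form.
// All names, the sample event and the auth token are constructed for illustration.
import { createHmac, createHash, timingSafeEqual } from "node:crypto";

export type Params = Record<string, string>;

export interface WebhookRequest {
  url: string;                      // full URL the webhook was posted to
  params: Params;                   // form-encoded POST body
  headers: Record<string, string>;  // header names lower-cased
}

// Twilio's documented request signing: base64(HMAC-SHA1(authToken, url + sorted key/value pairs)).
export function twilioSignature(authToken: string, url: string, params: Params): string {
  const canonical = Object.keys(params).sort().map((k) => k + params[k]).join("");
  return createHmac("sha1", authToken).update(url + canonical).digest("base64");
}

// Constant-time comparison of the provided X-Twilio-Signature with the expected value.
export function verifySignature(authToken: string, req: WebhookRequest): boolean {
  const provided = req.headers["x-twilio-signature"];
  if (!provided) return false;
  const a = Buffer.from(provided);
  const b = Buffer.from(twilioSignature(authToken, req.url, req.params));
  return a.length === b.length && timingSafeEqual(a, b);
}

// Vulnerable pattern: the dedupe key is a header the signature does not cover,
// so the same signed event delivered with a new token looks like a new event.
export function unsignedDedupeKey(req: WebhookRequest): string {
  return req.headers["i-twilio-idempotency-token"] ?? "";
}

// Hardened pattern: the dedupe key is derived only from material the signature
// check has already bound (the signature itself, the URL and the signed body).
export function verifiedRequestKey(req: WebhookRequest): string {
  const canonical = Object.keys(req.params).sort().map((k) => `${k}=${req.params[k]}`).join("&");
  return createHash("sha256")
    .update(`${req.headers["x-twilio-signature"]}\n${req.url}\n${canonical}`)
    .digest("hex");
}

export type Outcome = "rejected" | "duplicate" | "processed";
export type Mode = "vulnerable" | "fixed";

export function handleWebhook(
  authToken: string, req: WebhookRequest, seen: Set<string>, mode: Mode,
): Outcome {
  if (!verifySignature(authToken, req)) return "rejected";
  const key = mode === "vulnerable" ? unsignedDedupeKey(req) : verifiedRequestKey(req);
  if (seen.has(key)) return "duplicate";
  seen.add(key);
  return "processed"; // call actions (and any LLM/TTS spend) would happen here
}

// Constructed sample event; the CallSid, number and token are placeholders.
export const AUTH_TOKEN = "constructed-auth-token";
const SAMPLE_URL = "https://example.invalid/twilio/voice";
const SAMPLE_PARAMS: Params = { CallSid: "CAexample00000000", CallStatus: "in-progress", From: "+15550000001" };
export const SAMPLE: WebhookRequest = {
  url: SAMPLE_URL,
  params: SAMPLE_PARAMS,
  headers: {
    "i-twilio-idempotency-token": "token-1",
    "x-twilio-signature": twilioSignature(AUTH_TOKEN, SAMPLE_URL, SAMPLE_PARAMS),
  },
};

// Regression-test input: the identical signed event carrying a different unsigned token.
export function withIdempotencyToken(req: WebhookRequest, token: string): WebhookRequest {
  return { ...req, headers: { ...req.headers, "i-twilio-idempotency-token": token } };
}

// Runs the same three deliveries through a handler in the given mode:
// original, exact retry, and retry with a changed idempotency token.
export function demo(mode: Mode): Outcome[] {
  const seen = new Set<string>();
  return [
    handleWebhook(AUTH_TOKEN, SAMPLE, seen, mode),
    handleWebhook(AUTH_TOKEN, SAMPLE, seen, mode),
    handleWebhook(AUTH_TOKEN, withIdempotencyToken(SAMPLE, "token-2"), seen, mode),
  ];
}
// demo("vulnerable") → ["processed", "duplicate", "processed"]
// demo("fixed")      → ["processed", "duplicate", "duplicate"]
```

The third delivery is the one the advisory describes: in "vulnerable" mode it is processed a second time, in "fixed" mode it is recognised as a duplicate because verifiedRequestKey never reads the unsigned header. A body that has been altered fails verifySignature and is rejected in both modes, which is why the signature check alone was never the problem; the dedupe key simply had to be bound to the same verified material. The demo function doubles as a regression test for the fix.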

Mitigation Strategies

  • Upgrade to patched version
  • Bind deduplication logic to cryptographic signatures
  • Rotate webhook signing secrets

Remediation Steps:

  1. Identify the vulnerable dependency in package.json: openclaw versions <= 2026.2.25.
  2. Run npm install openclaw@2026.2.26 to apply the patch.
  3. Verify the installation by checking npm list openclaw.
  4. Redeploy the application service.

Read the full report for GHSA-GCJ7-R3HG-M7W6 on our website for more details including interactive diagrams and full exploit analysis.
