CVE Reports

Posted on • Originally published at cvereports.com

GHSA-GW85-XP4Q-5GP9: Authorization Bypass in OpenClaw Synology Chat Extension

Vulnerability ID: GHSA-GW85-XP4Q-5GP9
CVSS Score: 9.8
Published: 2026-03-03

A critical authorization bypass vulnerability exists in the Synology Chat extension of the OpenClaw AI assistant infrastructure. The vulnerability arises from a 'fail-open' logic error in the user allowlist enforcement mechanism. When the dmPolicy is configured to allowlist but the list of allowed user IDs is left empty, the system defaults to permitting all traffic rather than denying it. This flaw allows unauthenticated remote attackers to interact with the AI agent, potentially triggering sensitive tools or workflows intended only for authorized administrators.

TL;DR

OpenClaw's Synology Chat extension fails to enforce access controls when an allowlist is empty, effectively treating a restricted policy as an open one. This allows any user with access to the webhook to dispatch AI agents and execute commands.
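The fail-open pattern the report describes, shown beside the fail-closed form, as an added illustration in TypeScript. This is not OpenClaw's code: the field names `dmPolicy` and `allowedUserIds` and the policy values `"allowlist"` and `"open"` come from the report, while the `DmConfig` type and the function names are assumptions made for this example.

```typescript
// Added illustration (not the project's code): how an allowlist check
// becomes fail-open, and what the fail-closed version looks like.
// DmConfig, isSenderAllowedFailOpen, isSenderAllowedFailClosed and
// handleInbound are names assumed for this example.

type DmPolicy = "open" | "allowlist";

interface DmConfig {
  dmPolicy: DmPolicy;
  allowedUserIds?: string[];
}

// Vulnerable shape: an empty or missing allowlist is read as "nothing
// configured", so the check returns true for every sender.
function isSenderAllowedFailOpen(cfg: DmConfig, senderId: string): boolean {
  if (cfg.dmPolicy === "open") return true;
  const ids = cfg.allowedUserIds ?? [];
  if (ids.length === 0) {
    return true; // fail-open: the restricted policy behaves like "open"
  }
  return ids.includes(senderId);
}

// Fixed shape: under "allowlist", an empty list admits nobody. The
// explicit length check keeps the intent visible even though includes()
// on an empty array would already return false.
function isSenderAllowedFailClosed(cfg: DmConfig, senderId: string): boolean {
  if (cfg.dmPolicy === "open") return true;
  const ids = cfg.allowedUserIds ?? [];
  return ids.length > 0 && ids.includes(senderId);
}

// Where the check gates agent dispatch; the check function is a
// parameter only so both variants can be compared side by side.
function handleInbound(
  cfg: DmConfig,
  senderId: string,
  check: (c: DmConfig, s: string) => boolean = isSenderAllowedFailClosed,
): "dispatched" | "rejected" {
  return check(cfg, senderId) ? "dispatched" : "rejected";
}

// Constructed sample: restricted policy with the allowlist left empty.
const emptyAllowlist: DmConfig = { dmPolicy: "allowlist", allowedUserIds: [] };
console.log("fail-open :", handleInbound(emptyAllowlist, "unknown-user", isSenderAllowedFailOpen));
console.log("fail-closed:", handleInbound(emptyAllowlist, "unknown-user"));
```

With the empty allowlist the fail-open variant dispatches the agent for any sender while the fail-closed variant rejects, which is the behaviour difference the fix commit introduces.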


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-863
  • Vulnerability Type: Incorrect Authorization
  • CVSS Score: 9.8 (Critical)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None

Affected Systems

  • OpenClaw (Synology Chat Extension)
  • OpenClaw: versions before 2026-02-24 (fixed in commit 0ee3036)

Code Analysis

Commit: 0ee3036

fix(synology-chat): fail closed empty allowlist

Commit: 7655c0c

docs(changelog): add synology-chat allowlist fail-closed note

Mitigation Strategies

  • Update OpenClaw to the latest version immediately.
  • Explicitly populate allowedUserIds if using dmPolicy: "allowlist".
  • Use dmPolicy: "open" only if the webhook is not publicly accessible.

Remediation Steps:

  1. Pull the latest changes from the OpenClaw repository (commit 0ee3036 or later).
  2. Review the extensions/synology-chat/config.ts or environment variables.
  3. Ensure dmPolicy is set to allowlist.
  4. Verify that allowedUserIds contains at least one valid administrator ID.
  5. Restart the OpenClaw service to apply changes.
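Steps 3 and 4 above can be enforced at startup so that the service refuses the empty-allowlist configuration instead of running with it. The following is an added example, not OpenClaw's own validator: `dmPolicy` and `allowedUserIds` are the report's field names, while `SynologyChatConfig`, `validateDmConfig`, `startOrAbort`, the `webhookPubliclyReachable` flag and the sample configurations are constructed for this illustration.

```typescript
// Added example (not the project's code): a startup validator for the
// Synology Chat DM settings that fails closed on an empty allowlist.
// Type and function names are assumptions; the sample configs are constructed.

interface SynologyChatConfig {
  dmPolicy?: string;        // expected: "allowlist" | "open"
  allowedUserIds?: unknown; // expected: non-empty string[] under "allowlist"
}

interface ValidationResult {
  ok: boolean;
  errors: string[];
  warnings: string[];
}

function validateDmConfig(cfg: SynologyChatConfig, webhookPubliclyReachable: boolean): ValidationResult {
  const errors: string[] = [];
  const warnings: string[] = [];

  switch (cfg.dmPolicy) {
    case "allowlist": {
      const ids: unknown[] = Array.isArray(cfg.allowedUserIds) ? cfg.allowedUserIds : [];
      const valid = ids.filter((id): id is string => typeof id === "string" && id.trim().length > 0);
      if (valid.length === 0) {
        // Step 4: at least one administrator ID must be present.
        errors.push('dmPolicy is "allowlist" but allowedUserIds is empty; refusing to start (fail closed)');
      }
      if (valid.length !== ids.length) {
        errors.push("allowedUserIds contains blank or non-string entries");
      }
      break;
    }
    case "open":
      // Mitigation note: "open" is only acceptable when the webhook is not public.
      if (webhookPubliclyReachable) {
        warnings.push('dmPolicy "open" with a publicly reachable webhook admits any sender');
      }
      break;
    default:
      // Unknown or missing policy: do not guess, refuse to start.
      errors.push(`unrecognized dmPolicy ${JSON.stringify(cfg.dmPolicy)}; refusing to start`);
  }

  return { ok: errors.length === 0, errors, warnings };
}

// Constructed samples: the weak setting and the corrected one.
const weakConfig: SynologyChatConfig = { dmPolicy: "allowlist", allowedUserIds: [] };
const correctedConfig: SynologyChatConfig = {
  dmPolicy: "allowlist",
  allowedUserIds: ["ADMIN_USER_ID_PLACEHOLDER"], // replace with a real administrator ID
};

// Entry-point helper: log findings and report whether startup may proceed.
function startOrAbort(cfg: SynologyChatConfig, webhookPubliclyReachable: boolean): boolean {
  const result = validateDmConfig(cfg, webhookPubliclyReachable);
  for (const w of result.warnings) console.warn("config warning:", w);
  for (const e of result.errors) console.error("config error:", e);
  return result.ok;
}

console.log("weak config starts?     ", startOrAbort(weakConfig, true));
console.log("corrected config starts?", startOrAbort(correctedConfig, true));
```

Running the validator before the webhook handler is registered turns the misconfiguration into a startup failure, which is easier to notice than a silently open DM policy.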

Read the full report for GHSA-GW85-XP4Q-5GP9 on our website for more details including interactive diagrams and full exploit analysis.
