GHSA-HFPR-JHPQ-X4RM: GHSA-HFPR-JHPQ-X4RM: Authorization Bypass via Gateway Command Routing in OpenClaw

GHSA-HFPR-JHPQ-X4RM: Authorization Bypass via Gateway Command Routing in OpenClaw

Vulnerability ID: GHSA-HFPR-JHPQ-X4RM
CVSS Score: 6.5
Published: 2026-03-09

OpenClaw versions prior to v2026.3.7 contain a moderate-severity authorization bypass vulnerability (CWE-863). The flaw allows authenticated clients restricted to the operator.write scope to perform administrative configuration changes by abusing the chat.send gateway protocol. This failure in internal message channel processing leads to unauthorized modifications of the system configuration and potential privilege escalation.

TL;DR

Authenticated attackers with limited operator.write permissions can bypass scope restrictions using the chat.send gateway method to execute administrative /config commands, altering system settings and enabling administrative tools.

---

⚠️ Exploit Status: POC

Technical Details

• CWE ID: CWE-863 / CWE-285
• Attack Vector: Network (Authenticated)
• Impact: Privilege Escalation / Configuration Modification
• Exploit Status: Proof of Concept (PoC) Available
• Required Privileges: Low (operator.write)
• Affected Component: chat.send handler

Affected Systems

• OpenClaw Gateway Protocol
• OpenClaw Internal Command Router
• OpenClaw: < 2026.3.7 (Fixed in: 2026.3.7)

Code Analysis

Commit: 5f8f58a

Implemented requireGatewayClientScopeForInternalChannel helper and enforced operator.admin scope for /config set and unset commands.

Exploit Details

• Internal Test Suites: Proof of concept exists within the project's internal testing mechanisms.

Mitigation Strategies

• Update OpenClaw to version 2026.3.7 or newer.
• Audit existing gateway client credentials and adhere to the principle of least privilege.
• Implement network segmentation for the OpenClaw management and gateway interfaces.

Remediation Steps:

1. Download the OpenClaw v2026.3.7 release package from the official repository.
2. Gracefully terminate the running OpenClaw service.
3. Apply the update to the binary and associated libraries.
4. Audit the existing openclaw.json for unauthorized parameter modifications, particularly tool enablement.
5. Restart the OpenClaw service and verify operational status.

References

• GitHub Advisory: GHSA-hfpr-jhpq-x4rm
• OpenClaw Security Policy
• Fix Commit 5f8f58ae25e2a78f31b06edcf26532d634ca554e
• OpenClaw v2026.3.7 Release

---

Read the full report for GHSA-HFPR-JHPQ-X4RM on our website for more details including interactive diagrams and full exploit analysis.