GHSA-j4c9-w69r-cw33: Authorization Bypass in OpenClaw Telegram Integration via Inline Button Callbacks
Vulnerability ID: GHSA-J4C9-W69R-CW33
CVSS Score: 8.7
Published: 2026-03-29
OpenClaw versions up to 2026.3.24 suffer from an authorization bypass in the Telegram integration. The vulnerability allows unauthorized users to send inline button callbacks that mutate session state, circumventing the direct message pairing restrictions.
TL;DR
A logic flaw in OpenClaw's Telegram event handling allows unauthorized actors to bypass DM pairing and alter bot session state by sending crafted callback queries directly to the bot.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-285, CWE-863
- CVSS Score: 8.7
- Attack Vector: Network (via Telegram API)
- Impact: High Integrity and Availability Compromise
- Exploit Status: Proof of Concept Available
- Vulnerability Class: Authorization Bypass
Affected Systems
- OpenClaw Telegram Extension
- OpenClaw Core Routing Component
- openclaw: <= 2026.3.24 (Fixed in: 2026.3.26)
Code Analysis
Commit: 269282a
Fix authorization mode evaluation for direct message callbacks
Mitigation Strategies
- Update OpenClaw to patched version 2026.3.26
- Set inlineButtonsScope to 'allowlist' in openclaw.json
- Disable execApprovalButtonsEnabled to force strict authorization checks
- Ensure dmPolicy is configured to 'pairing'
Remediation Steps:
- Stop the running OpenClaw service.
- Upgrade the OpenClaw package via npm or pull the latest repository tag 2026.3.26.
- Review the openclaw.json configuration file for appropriate dmPolicy settings.
- Restart the OpenClaw service.
- Monitor Telegram webhook logs for unauthorized callback_query event attempts.
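The policy evaluation the advisory describes, as an added example that is not OpenClaw's own code: both `message` and `callback_query` updates are resolved to the acting Telegram user and run through the same DM pairing check, and a small scanner flags the callback_query events in constructed webhook log lines that the policy rejects. The config key names are taken from the mitigation list above; their exact semantics in OpenClaw, the `pairedUserIds` store, and the function names are assumptions for this example.

```javascript
// Added example, not OpenClaw's own code. Config key names come from the
// advisory's mitigation list; their semantics here are assumed.
const config = { dmPolicy: "pairing", inlineButtonsScope: "allowlist", execApprovalButtonsEnabled: false };

// Constructed pairing store: Telegram user ids that completed DM pairing.
const pairedUserIds = new Set([1001]);

// Resolve the acting user for both update kinds. A callback_query carries its
// own `from` and must go through the same policy evaluation as a message.
function actorOf(update) {
  if (update.message) {
    return { kind: "message", userId: update.message.from.id, chatType: update.message.chat.type };
  }
  if (update.callback_query) {
    const cq = update.callback_query;
    return { kind: "callback_query", userId: cq.from.id, chatType: cq.message?.chat?.type ?? "private" };
  }
  return null;
}

function authorizeUpdate(update, cfg = config, paired = pairedUserIds) {
  const actor = actorOf(update);
  if (!actor) return { allowed: false, reason: "unsupported update type" };
  if (actor.kind === "callback_query" && cfg.inlineButtonsScope === "allowlist" && !paired.has(actor.userId)) {
    return { allowed: false, reason: "callback from user outside allowlist" };
  }
  if (actor.chatType === "private" && cfg.dmPolicy === "pairing" && !paired.has(actor.userId)) {
    return { allowed: false, reason: "DM from unpaired user" };
  }
  return { allowed: true, reason: "ok" };
}

// Scan newline-delimited JSON webhook log lines and return the callback_query
// events the policy rejects (what the "monitor webhook logs" step looks for).
function findUnauthorizedCallbacks(logText, cfg = config, paired = pairedUserIds) {
  return logText.split("\n").filter(Boolean).map((line) => JSON.parse(line))
    .filter((u) => u.callback_query && !authorizeUpdate(u, cfg, paired).allowed)
    .map((u) => ({ update_id: u.update_id, from: u.callback_query.from.id, data: u.callback_query.data }));
}

// Constructed sample log: paired user's DM, unpaired user's DM, and an
// unpaired user pressing an inline button shown in the paired user's chat.
const sampleLog = [
  { update_id: 1, message: { from: { id: 1001 }, chat: { id: 1001, type: "private" }, text: "hi" } },
  { update_id: 2, message: { from: { id: 2002 }, chat: { id: 2002, type: "private" }, text: "hi" } },
  { update_id: 3, callback_query: { id: "q1", from: { id: 2002 }, data: "approve:1", message: { chat: { id: 1001, type: "private" } } } },
].map((u) => JSON.stringify(u)).join("\n");

console.log(findUnauthorizedCallbacks(sampleLog)); // one hit: update_id 3 from user 2002
```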
References
Read the full report for GHSA-J4C9-W69R-CW33 on our website for more details including interactive diagrams and full exploit analysis.