CVE Reports

Originally published at cvereports.com

GHSA-QM2M-28PF-HGJW: Privilege Escalation via Incorrect Scope Assignment in OpenClaw Gateway Plugin

Vulnerability ID: GHSA-QM2M-28PF-HGJW
CVSS Score: 8.8
Published: 2026-03-27

The OpenClaw personal AI assistant framework contains a high-severity privilege escalation vulnerability in its Gateway Plugin HTTP request handling. Versions prior to 2026.3.26 incorrectly grant administrative runtime scopes to any successfully authenticated caller accessing a protected plugin route. This architectural flaw allows low-privileged users to bypass role-based access controls and execute administrative actions, including session termination and unauthorized device pairing.

TL;DR

OpenClaw incorrectly grants the 'operator.admin' scope to any authenticated user who accesses a protected plugin route. Attackers holding restricted credentials can exploit this to perform unauthorized administrative actions.

⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-266, CWE-863
  • Attack Vector: Network
  • Impact: Privilege Escalation
  • Exploit Status: Proof of Concept
  • CVSS Score: 8.8
  • Requires Authentication: Yes (Low Privilege)

Affected Systems

  • OpenClaw Gateway Plugin
  • OpenClaw HTTP Plugin Architecture
  • openclaw: <= 2026.3.24 (Fixed in: 2026.3.26)

Code Analysis

Commit: ec2dbcf

Fix incorrect scope assignment in createPluginRouteRuntimeClient
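As an added illustration, not OpenClaw's own code, the flawed scope assignment is shown beside its corrected form. The factory functions, the caller shape and the `terminateSession` action are hypothetical stand-ins named after the advisory's wording; the callers are constructed sample data.

```javascript
// Added illustration of the scope-assignment flaw described in the advisory.
// Names and data shapes are hypothetical stand-ins, not OpenClaw's real code.
const ADMIN_SCOPE = "operator.admin";

// Constructed callers, as a Gateway auth layer might hand them to a plugin route.
const LOW_PRIV_CALLER = { authenticated: true, subject: "reader-42", scopes: ["operator.read"] };
const ADMIN_CALLER = { authenticated: true, subject: "ops-1", scopes: ["operator.read", ADMIN_SCOPE] };
const ANON_CALLER = { authenticated: false, subject: null, scopes: [] };

// Vulnerable pattern: passing authentication is treated as proof of admin rights,
// so every runtime client built for a protected plugin route carries the admin scope.
function createPluginRouteRuntimeClientVulnerable(caller) {
  if (!caller.authenticated) throw new Error("unauthenticated caller");
  return { subject: caller.subject, scopes: [ADMIN_SCOPE] };
}

// Fixed pattern: the runtime client inherits exactly the scopes the caller holds;
// authentication and authorization remain separate decisions.
function createPluginRouteRuntimeClientFixed(caller) {
  if (!caller.authenticated) throw new Error("unauthenticated caller");
  return { subject: caller.subject, scopes: Array.from(new Set(caller.scopes)) };
}

// Privileged runtime action (session termination in the advisory) gated on the admin scope.
function terminateSession(client, sessionId) {
  if (!client.scopes.includes(ADMIN_SCOPE)) {
    return { ok: false, reason: `subject ${client.subject} lacks ${ADMIN_SCOPE}` };
  }
  return { ok: true, terminated: sessionId };
}

// Runs the same caller through both factories and reports whether the admin action succeeds.
function compareOutcomes(caller, sessionId) {
  const vulnerable = terminateSession(createPluginRouteRuntimeClientVulnerable(caller), sessionId);
  const fixed = terminateSession(createPluginRouteRuntimeClientFixed(caller), sessionId);
  return { vulnerable: vulnerable.ok, fixed: fixed.ok };
}

console.log(compareOutcomes(LOW_PRIV_CALLER, "sess-1")); // { vulnerable: true, fixed: false }
console.log(compareOutcomes(ADMIN_CALLER, "sess-1"));    // { vulnerable: true, fixed: true }
```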

Mitigation Strategies

  • Update the OpenClaw framework to version 2026.3.26 or later.
  • Audit and temporarily disable non-essential plugins that expose HTTP routes requiring Gateway authentication.
  • Monitor Gateway server logs for unexpected administrative actions originating from low-privileged accounts.

Remediation Steps:

  1. Identify the current OpenClaw version deployed in the environment.
  2. Pull the latest release (2026.3.26 or higher) from NPM or the official GitHub repository.
  3. Deploy the updated framework and restart the OpenClaw service to apply the modified runtime configuration.
  4. Audit existing user sessions and paired devices for unauthorized additions or modifications that may indicate prior exploitation.

Read the full report for GHSA-QM2M-28PF-HGJW on our website for more details including interactive diagrams and full exploit analysis.
