OpenClaw: Node Reconnect Metadata Spoofing Policy Bypass
Vulnerability ID: GHSA-R65X-2HQR-J5HF
CVSS Score: 8.5
Published: 2026-03-03
A critical authorization bypass vulnerability exists in the OpenClaw Gateway authentication mechanism. The flaw allows authenticated nodes to spoof device metadata—specifically the platform and device family—during reconnection events. By modifying these parameters, a compromised or malicious node can bypass command execution policies that restrict capabilities based on device type (e.g., escalating from a restricted mobile client to a privileged server node). This issue affects all versions prior to 2026.2.26.
TL;DR
Authenticated nodes can bypass command restrictions by lying about their device type (e.g., claiming to be Linux instead of iOS) during reconnection. Fixed in version 2026.2.26 via metadata pinning and updated cryptographic signatures.
⚠️ Exploit Status: POC
Technical Details
- Attack Vector: Network (Authenticated)
- Impact: Privilege Escalation / Policy Bypass
- CVSS v3 (Est.): 8.5 (High)
- CWE ID: CWE-345
- Exploit Status: POC Available
- Authentication: Required (Low Privilege)
Affected Systems
- OpenClaw Gateway
- OpenClaw Node Agent
- OpenClaw: < 2026.2.26 (Fixed in: 2026.2.26)
Code Analysis
Commit: 7d8aeaa
Fix: bind platform metadata to auth signature and pin device family
export function buildDeviceAuthPayloadV3(params: DeviceAuthPayloadV3Params): string {
+ platform,
+ deviceFamily,
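Review bot: the two added lines place `platform` and `deviceFamily` into the V3 payload, but nothing in the visible hunk normalizes them (trim, lowercase) before they are signed, even though the advisory lists strict input normalization as one of the mitigations; without it, case or whitespace variants of the same value would sign differently from what the gateway pins or compares. Suggest normalizing both fields once inside `buildDeviceAuthPayloadV3` before they are appended, and confirming that the gateway verifies those same normalized values against the pinned device family named in the fix summary.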
Mitigation Strategies
- Cryptographic binding of metadata fields
- Server-side Trust-On-First-Use (TOFU) pinning
- Strict input normalization
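The three mitigations above, worked through as an added example that is not OpenClaw's own code: a pre-fix payload shape that leaves metadata unsigned, a post-fix shape that binds normalized `platform` and `deviceFamily` into the signed string, and a gateway-side reconnect check that enforces a Trust-On-First-Use pin and raises the advisory's `metadata-upgrade` event on a mismatch. HMAC with a shared secret stands in for the node's device-key signature, and the `Meta`, `Decision`, `canExecuteCommands` and `checkReconnect` names are assumptions, not OpenClaw identifiers.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Hypothetical shapes: OpenClaw's real DeviceAuthPayloadV3Params is not reproduced here.
export type Meta = { platform: string; deviceFamily: string };
export type Decision = { ok: boolean; event?: "metadata-upgrade"; reason?: string };

// Strict normalization, so the same bytes go into the signature and into the policy check.
export function normalize(m: Meta): Meta {
  return { platform: m.platform.trim().toLowerCase(), deviceFamily: m.deviceFamily.trim().toLowerCase() };
}

// Constructed policy: only the "server" family may execute commands.
export function canExecuteCommands(m: Meta): boolean {
  return normalize(m).deviceFamily === "server";
}

// Pre-fix shape: metadata is not part of the signed string, so nothing stops it changing in flight.
export function payloadV2(deviceId: string, nonce: string): string {
  return ["v2", deviceId, nonce].join("|");
}

// Post-fix shape: platform and deviceFamily are bound into the signed string.
export function payloadV3(deviceId: string, nonce: string, m: Meta): string {
  const n = normalize(m);
  return ["v3", deviceId, nonce, n.platform, n.deviceFamily].join("|");
}

// HMAC stands in for the node's device-key signature; OpenClaw's actual scheme is not shown here.
export function sign(secret: string, payload: string): string {
  return createHmac("sha256", secret).update(payload).digest("hex");
}

export function verify(secret: string, payload: string, sig: string): boolean {
  const expected = Buffer.from(sign(secret, payload), "hex");
  const given = Buffer.from(sig, "hex");
  return expected.length === given.length && timingSafeEqual(expected, given);
}

// Gateway-side reconnect check: verify the bound signature, then enforce the TOFU pin.
export function checkReconnect(secret: string, pinned: Map<string, Meta>, deviceId: string,
                               nonce: string, claimed: Meta, sig: string): Decision {
  const m = normalize(claimed);
  if (!verify(secret, payloadV3(deviceId, nonce, m), sig)) return { ok: false, reason: "bad signature" };
  const pin = pinned.get(deviceId);
  if (!pin) { pinned.set(deviceId, m); return { ok: true }; } // first use: record the metadata
  if (pin.platform !== m.platform || pin.deviceFamily !== m.deviceFamily) {
    return { ok: false, event: "metadata-upgrade", reason: `pinned ${pin.deviceFamily}, claimed ${m.deviceFamily}` };
  }
  return { ok: true };
}
```

The signature binding stops metadata from being altered after signing, while the pin is what stops a node that signs its own claims from changing its family on a later reconnect; the `metadata-upgrade` decision is the event to log and alert on.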
Remediation Steps:
- Upgrade OpenClaw Gateway to version 2026.2.26 or later.
- Review list of paired devices for platform mismatches.
- Revoke and re-pair any suspicious device identities.
- Monitor logs for 'metadata-upgrade' security events.
References
Read the full report for GHSA-R65X-2HQR-J5HF on our website for more details including interactive diagrams and full exploit analysis.