GHSA-R9Q5-C7QC-P26W: Webhook Replay Vulnerability in OpenClaw Nextcloud Talk Integration
Vulnerability ID: GHSA-R9Q5-C7QC-P26W
CVSS Score: Unknown
Published: 2026-03-03
A capture-replay vulnerability exists in the Nextcloud Talk integration of the OpenClaw AI platform. The webhook handler properly verifies cryptographic signatures but fails to track processed message identifiers, allowing attackers to re-submit captured valid requests. This results in duplicate processing of AI commands and potential redundant side effects.
TL;DR
OpenClaw's Nextcloud Talk webhook handler accepts replayed requests due to missing nonce/ID verification. Attackers can trigger duplicate AI actions. Fixed in v2026.2.25.
⚠️ Exploit Status: POC
Technical Details
- CWE: CWE-294
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- Impact: Duplicate Processing
Affected Systems
- OpenClaw Nextcloud Talk Integration
- OpenClaw: < 2026.2.25 (Fixed in: 2026.2.25)
Code Analysis
Commit: d512163
feat(nextcloud-talk): add replay guard and backend origin validation
export function createNextcloudTalkReplayGuard...
Mitigation Strategies
- Implement persistent message deduplication
- Validate backend origin headers
- Enforce short Time-To-Live (TTL) for message validity
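The following is an added example, not OpenClaw's own replay guard: it shows how the three mitigations above fit together in a TypeScript webhook guard that runs after signature verification has already passed. The field names (messageId, backendUrl, timestamp) and the options (accountId, baseUrl, ttlMs) are assumptions; the in-memory Map stands in for the persistent store a real deployment would use, and the warning mirrors the log line quoted in the remediation steps.

```typescript
// Constructed example (not OpenClaw code). Assumes the caller has ALREADY
// verified the webhook signature; this guard only handles replays and origin.
interface TalkWebhook {
  messageId: string;  // assumed: unique id of the chat message
  backendUrl: string; // assumed: origin the sending Nextcloud backend claims
  timestamp: number;  // assumed: ms since epoch when the message was sent
}

type Verdict = "accepted" | "replayed" | "bad-origin" | "stale";

export function createReplayGuard(opts: {
  accountId: string; baseUrl: string; ttlMs: number; now?: () => number;
}) {
  const now = opts.now ?? (() => Date.now());
  const expectedOrigin = new URL(opts.baseUrl).origin; // configured backend
  const seen = new Map<string, number>(); // messageId -> expiry (ms)

  // Drop ids older than the TTL; safe because messages that old are
  // rejected as stale before the dedup check, so eviction cannot reopen a replay.
  function evict(t: number): void {
    seen.forEach((exp, id) => { if (exp <= t) seen.delete(id); });
  }

  return function check(hook: TalkWebhook): Verdict {
    const t = now();
    evict(t);
    let origin: string;
    try { origin = new URL(hook.backendUrl).origin; } catch { return "bad-origin"; }
    if (origin !== expectedOrigin) return "bad-origin";
    if (t - hook.timestamp > opts.ttlMs) return "stale"; // outside replay window
    if (seen.has(hook.messageId)) {
      console.warn(`[nextcloud-talk:${opts.accountId}] replayed webhook ignored`);
      return "replayed";
    }
    seen.set(hook.messageId, t + opts.ttlMs);
    return "accepted";
  };
}
```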
Remediation Steps:
- Upgrade OpenClaw to version 2026.2.25 or later.
- Verify that the baseUrl configuration for Nextcloud Talk accounts is set correctly to enable origin validation.
- Monitor logs for [nextcloud-talk:<id>] replayed webhook ignored to confirm the guard is active.