
CVE Reports

Originally published at cvereports.com


GHSA-WPPH-CJGR-7C39: Identity Collision in OpenClaw Group Policy Resolver

Vulnerability ID: GHSA-WPPH-CJGR-7C39
CVSS Score: 9.9
Published: 2026-03-03

A critical identity spoofing vulnerability in the OpenClaw AI framework allows unprivileged users to bypass group policy restrictions. The flaw resides in the toolsBySender configuration resolver, which failed to distinguish between immutable identifiers (like internal user IDs) and mutable attributes (like display names). By setting a display name to match a privileged user's ID, an attacker can inherit administrative permissions, potentially leading to remote code execution on the host system via exposed tools.

TL;DR

OpenClaw's group policy engine suffered from a type confusion bug where user-controlled display names were treated equivalently to trusted user IDs. Attackers could spoof admin identities by renaming themselves, gaining unauthorized access to sensitive tools. Fixed in version 2026.2.25.


⚠️ Exploit Status: POC

Technical Details

  • Vulnerability ID: GHSA-WPPH-CJGR-7C39
  • Severity: Critical (9.9)
  • Attack Vector: Network
  • Weakness Enum: CWE-284 / CWE-807
  • Fixed Version: 2026.2.25
  • Platform: Node.js / TypeScript

Affected Systems

  • OpenClaw Framework
  • OpenClaw Group Policy Resolver
  • OpenClaw: < 2026.2.25 (Fixed in: 2026.2.25)

Code Analysis

Commit: 5547a22

fix(config): enforce typed keys in toolsBySender to prevent identity collisions

Excerpt from the fix, as elided in the original report:

```typescript
function parseSenderPolicyKey... return { kind: 'typed', type: 'id', key: normalizeLegacySenderKey(trimmed) };
```

Mitigation Strategies

  • Strict Input Validation: Enforce type checking on all configuration keys.
  • Principle of Least Privilege: Disable dangerous tools (exec, fs) unless strictly necessary.
  • Identity Verification: Prefer immutable identifiers (IDs, verified phones) over mutable ones (names).

Remediation Steps:

  1. Upgrade OpenClaw to version 2026.2.25 or later immediately.
  2. Audit your config.yaml or policy files. Identify all toolsBySender entries.
  3. Convert legacy untyped keys to explicit typed keys: change entries of the form "12345": ... to "id:12345": ...
  4. If matching by username is required, explicitly use the username: prefix (e.g., "username:jdoe": ...).
  5. Monitor application logs for OPENCLAW_TOOLS_BY_SENDER_UNTYPED_KEY warnings, which indicate legacy keys are still active.
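The following is an added example, not OpenClaw's code, written to show the collision described in the Code Analysis section and the typed-key remediation above in working form. The names parseSenderPolicyKey, toolsBySender, the "id:" and "username:" prefixes and the OPENCLAW_TOOLS_BY_SENDER_UNTYPED_KEY warning are taken from the report; the Sender shape, the resolver logic, the tool names and the sample configuration are constructed here for illustration and are not the project's actual implementation.

```typescript
// Added example, not OpenClaw's code. A toy sender-policy resolver that
// reproduces the collision described in the advisory and the typed-key fix.
// parseSenderPolicyKey, toolsBySender, the "id:" / "username:" prefixes and
// the OPENCLAW_TOOLS_BY_SENDER_UNTYPED_KEY warning come from the report; the
// Sender shape, tool names and sample config are constructed here.

type Sender = { id: string; username: string };

type PolicyKey =
  | { kind: "typed"; type: "id" | "username"; key: string }
  | { kind: "legacy"; key: string };

type ToolsBySender = Record<string, string[]>;

// Vulnerable shape of the lookup: an untyped key is compared against BOTH the
// immutable id and the user-controlled display name, so a user whose display
// name equals an admin's id inherits the admin's tools.
function resolveToolsVulnerable(policy: ToolsBySender, sender: Sender): string[] {
  for (const [rawKey, tools] of Object.entries(policy)) {
    const key = rawKey.trim();
    if (key === sender.id || key === sender.username) return tools;
  }
  return [];
}

// Hardened parser (hypothetical implementation): every key carries an explicit
// type. An untyped key is accepted only as a legacy id key.
function parseSenderPolicyKey(rawKey: string): PolicyKey {
  const trimmed = rawKey.trim();
  if (trimmed.startsWith("id:")) {
    return { kind: "typed", type: "id", key: trimmed.slice("id:".length) };
  }
  if (trimmed.startsWith("username:")) {
    return { kind: "typed", type: "username", key: trimmed.slice("username:".length) };
  }
  return { kind: "legacy", key: trimmed };
}

// Hardened lookup: a key is compared only with the attribute its type names.
// Legacy keys match the id only and are reported so they can be migrated.
function resolveToolsTyped(policy: ToolsBySender, sender: Sender, warnings: string[] = []): string[] {
  for (const [rawKey, tools] of Object.entries(policy)) {
    const parsed = parseSenderPolicyKey(rawKey);
    if (parsed.kind === "legacy") {
      warnings.push(`OPENCLAW_TOOLS_BY_SENDER_UNTYPED_KEY: "${rawKey}" -> "id:${parsed.key}"`);
      if (parsed.key === sender.id) return tools;
      continue;
    }
    const attribute = parsed.type === "id" ? sender.id : sender.username;
    if (parsed.key === attribute) return tools;
  }
  return [];
}

// Remediation step 3 as code: rewrite every untyped key as an explicit "id:" key.
function migrateLegacyKeys(policy: ToolsBySender): ToolsBySender {
  const migrated: ToolsBySender = {};
  for (const [rawKey, tools] of Object.entries(policy)) {
    const parsed = parseSenderPolicyKey(rawKey);
    migrated[parsed.kind === "legacy" ? `id:${parsed.key}` : rawKey.trim()] = tools;
  }
  return migrated;
}

// Constructed sample data.
const samplePolicy: ToolsBySender = {
  "12345": ["exec", "fs"],         // legacy untyped key, intended as an admin id
  "username:jdoe": ["read_docs"],  // explicit display-name match
};
const admin: Sender = { id: "12345", username: "alice" };
const renamedUser: Sender = { id: "99999", username: "12345" }; // display name equal to the admin id

function demo(): { vulnerable: string[]; typed: string[]; warnings: string[]; migratedKeys: string[] } {
  const warnings: string[] = [];
  return {
    vulnerable: resolveToolsVulnerable(samplePolicy, renamedUser), // ["exec", "fs"]: the collision
    typed: resolveToolsTyped(samplePolicy, renamedUser, warnings), // []: legacy key matches id only
    warnings,                                                      // one untyped-key warning
    migratedKeys: Object.keys(migrateLegacyKeys(samplePolicy)),    // ["id:12345", "username:jdoe"]
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

Run it with ts-node or tsx. After migration the same admin still resolves to the same tools, but the legacy warning disappears, which is the signal step 5 tells you to monitor for: a config that still emits OPENCLAW_TOOLS_BY_SENDER_UNTYPED_KEY has keys that were never converted.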

References

Full report for GHSA-WPPH-CJGR-7C39 at cvereports.com, including interactive diagrams and full exploit analysis.
