GHSA-WQ58-2PVG-5H4F: Improper Authorization and Privilege Escalation in OpenClaw Gateway Agent RPC
Vulnerability ID: GHSA-WQ58-2PVG-5H4F
CVSS Score: High
Published: 2026-03-26
The OpenClaw gateway contains an improper authorization vulnerability in the Agent RPC handler. Users with basic operator.write permissions can bypass scope restrictions to execute administrative session resets via in-band text commands, leading to targeted service disruption and state manipulation.
TL;DR
A missing authorization check in the OpenClaw agent RPC handler allows standard users to reset administrative sessions by sending specifically crafted in-band messages like '/reset'.
⚠️ Exploit Status: POC
Technical Details
- Vulnerability Type: Improper Authorization
- CWE ID: CWE-863
- Attack Vector: Network / RPC API
- Authentication: Required (operator.write)
- Impact: Targeted Denial of Service / State Disruption
- Exploit Status: Proof of Concept Available
Affected Systems
- OpenClaw Gateway Agent RPC Component
- OpenClaw: All versions prior to the March 23, 2026 patch (fixed in commit 50f6a2f136fed85b58548a38f7a3dbb98d2cd1a0)
Code Analysis
Commit: 50f6a2f
fix(gateway): require admin for agent session reset
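To make the class of bug concrete, the following is an added TypeScript example, not OpenClaw's code: a model of an agent RPC handler in its vulnerable shape (a single operator.write gate, with the in-band '/reset' path mutating session state unchecked) next to the hardened shape that the fix commit's message describes (session reset requires admin). The type names, the scope strings and the handler names are assumptions for illustration.

```typescript
// Added example (not OpenClaw's code): a minimal model of the authorization bug
// the advisory describes. Type names, scope strings and handler names are assumptions.
type Scope = "operator.read" | "operator.write" | "operator.admin";
interface Caller { id: string; scopes: Scope[] }
interface AgentRpcRequest { sessionKey: string; message: string }
interface RpcResult { ok: boolean; action: "reset" | "message" | "denied"; error?: string }

// In-memory session state standing in for the gateway's agent sessions.
type SessionStore = Map<string, { turns: number }>;

function isResetCommand(message: string): boolean {
  // In-band control commands travel in the same text channel as ordinary chat turns.
  return message.trim().split(/\s+/)[0] === "/reset";
}

// Vulnerable shape: the only gate is operator.write, so once a caller passes it
// the in-band '/reset' path resets any session, administrative ones included.
function handleAgentRpcVulnerable(store: SessionStore, caller: Caller, req: AgentRpcRequest): RpcResult {
  if (!caller.scopes.includes("operator.write")) {
    return { ok: false, action: "denied", error: "operator.write required" };
  }
  if (isResetCommand(req.message)) {
    store.set(req.sessionKey, { turns: 0 });
    return { ok: true, action: "reset" };
  }
  store.set(req.sessionKey, { turns: (store.get(req.sessionKey)?.turns ?? 0) + 1 });
  return { ok: true, action: "message" };
}

// Hardened shape, following the fix commit's intent ("require admin for agent
// session reset"): the reset is classified as an administrative operation and is
// authorized separately from the operator.write gate that covers ordinary messages.
function handleAgentRpcFixed(store: SessionStore, caller: Caller, req: AgentRpcRequest): RpcResult {
  if (!caller.scopes.includes("operator.write")) {
    return { ok: false, action: "denied", error: "operator.write required" };
  }
  if (isResetCommand(req.message)) {
    if (!caller.scopes.includes("operator.admin")) {
      // Deny without touching the session; this denial is the event worth logging.
      return { ok: false, action: "denied", error: "operator.admin required for /reset" };
    }
    store.set(req.sessionKey, { turns: 0 });
    return { ok: true, action: "reset" };
  }
  store.set(req.sessionKey, { turns: (store.get(req.sessionKey)?.turns ?? 0) + 1 });
  return { ok: true, action: "message" };
}
```

The hardened handler's denial branch is also the natural hook for the centralized logging recommended under Mitigation Strategies: a non-admin caller reaching it is exactly the event to alert on.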
Mitigation Strategies
- Update the OpenClaw application to incorporate commit 50f6a2f136fed85b58548a38f7a3dbb98d2cd1a0.
- Implement centralized logging to capture agent RPC messages and monitor for unauthorized reset commands.
Remediation Steps:
- Identify all deployed instances of the OpenClaw gateway.
- Pull the latest stable release or apply the patch manually to src/gateway/server-methods/agent.ts.
- Restart the gateway service to ensure the patched handler logic is loaded into memory.
- Review historical gateway logs for unauthorized execution of the /reset command by non-admin accounts.
References
Read the full report for GHSA-WQ58-2PVG-5H4F on our website for more details including interactive diagrams and full exploit analysis.