OpenClaw Authorization Bypass in Device-Pair Plugin, CVE-2026-32905 (High) -DC-Jul2026-842


How CVE-2026-32905 Works

OpenClaw before version 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair plugin. The plugin exposes the `/pair` command on normal chat command surfaces (e.g., Telegram, Discord, Slack). In affected releases, authorized non‑owner chat senders can issue device‑pairing bootstrap codes without having owner, admin, or pairing scope.
The vulnerability stems from improper authorization (CWE‑862) — the system fails to validate that the caller possesses the necessary scope before generating a bootstrap code. Because the `/pair` endpoint is accessible via normal chat commands, any user who is already allowed to send commands to the agent through a configured chat channel can trigger code generation.
The attack is remote and requires only low privileges (a valid chat sender account). No user interaction is needed, and the attacker does not need to be the device owner. Once a bootstrap code is created, the attacker can use it before expiry to enroll a new device with operator or node capabilities. That enrolled device then retains persistent credentials until manually removed from the system.
Affected configurations include all OpenClaw deployments where the bundled device‑pair plugin is enabled and a non‑owner sender is authorized to use normal chat commands — for example, in environments with Telegram, Discord, or Slack agents. All OpenClaw releases prior to 2026.5.4 are vulnerable. The vulnerability has a CVSS v3 base score of 8.3 (High) and a CVSS v4 score of 8.7 (High).

DailyCVE Form

Platform: OpenClaw
Version: < 2026.5.4
Vulnerability: Authorization Bypass (CWE-862)
Severity: High (CVSS 8.3)
Date: 2026-03-16

Prediction: 2026-05-04

What Undercode Say

Check OpenClaw Version

openclaw --version
or
npm list openclaw

Upgrade to Patched Version

npm install openclaw@2026.5.4
or
yarn add openclaw@2026.5.4

Verify Plugin Status

Check if device-pair plugin is enabled
openclaw plugins list | grep device-pair

List Paired Devices

openclaw device list
or check the device-pairing store
cat ~/.openclaw/device-pairing.json

Remove Unexpected Devices

openclaw device remove <device-id>

Disable Device-Pair Plugin (Temporary Workaround)

openclaw plugins disable device-pair

Exploit

An attacker with chat command access (e.g., a member of a Telegram group where the OpenClaw agent is present) can send the `/pair` command to generate a bootstrap code:

/pair generate

The system responds with a setup code (e.g., abcd-1234-efgh-5678) without verifying that the sender has owner, admin, or pairing scope. The attacker then uses this code to enroll a new device:

/pair enroll <code>

The enrolled device gains operator/node capabilities and retains persistent credentials until manually removed. No further authentication is required.

Protection

  • Upgrade to OpenClaw version 2026.5.4 or later immediately.
  • Review all paired devices and remove any unexpected entries.
  • Restrict chat command permissions to only users who should be allowed to manage device pairing.
  • Disable the device‑pair plugin entirely if not required.
  • Monitor chat logs for unauthorized `/pair` command usage.
  • Rotate credentials for any devices that may have been enrolled during the vulnerable period.
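An added example for the two review steps above (monitoring chat logs for `/pair` usage and auditing paired devices). It is not OpenClaw code: the chat-log line format, the sender-to-scope map and the JSON shape of the device-pairing store are constructed assumptions, and the sample data is made up for the example.

```javascript
// Added defender-side example: flag `/pair` invocations by senders without
// pairing scope, and surface devices enrolled during the exposure window.
// Not OpenClaw code; log format, scope map and store shape are assumptions.

// Constructed chat-log export (assumed "ISO-time channel sender: text").
const CHAT_LOG = `
2026-03-15T09:12:01Z telegram alice: hello agent
2026-03-15T09:12:40Z telegram bob: /pair generate
2026-03-15T09:13:05Z discord carol: /pair enroll abcd-1234-efgh-5678
2026-03-15T10:00:00Z slack dave: /pair generate
2026-03-15T10:05:00Z telegram alice: /status
`.trim();

// Constructed scope map; in a real deployment this comes from the
// agent's authorization configuration.
const SENDER_SCOPES = {
  alice: ['owner'],
  bob: ['chat'],
  carol: ['chat'],
  dave: ['admin'],
};
const PAIRING_SCOPES = ['owner', 'admin', 'pairing'];

const LINE_RE = /^(\S+) (\S+) ([^:]+): (.*)$/;

// Returns every `/pair ...` command issued by a sender lacking pairing scope.
function findUnauthorizedPairCommands(log, scopeMap) {
  const hits = [];
  for (const line of log.split('\n')) {
    const m = LINE_RE.exec(line);
    if (!m) continue;
    const [, ts, channel, sender, text] = m;
    if (!/^\/pair\b/.test(text)) continue;
    const scopes = scopeMap[sender] || [];
    if (PAIRING_SCOPES.some((s) => scopes.includes(s))) continue;
    hits.push({ ts, channel, sender, text });
  }
  return hits;
}

// Constructed stand-in for ~/.openclaw/device-pairing.json (shape assumed).
const DEVICE_STORE = {
  devices: [
    { id: 'dev-01', label: 'owner-laptop', role: 'operator', enrolledAt: '2026-01-10T08:00:00Z' },
    { id: 'dev-07', label: 'unknown', role: 'node', enrolledAt: '2026-03-15T09:14:00Z' },
  ],
};

// Devices enrolled inside [windowStart, windowEnd] that are not on the
// operator's known-device allowlist; candidates for `openclaw device remove`.
function findSuspectDevices(store, windowStart, windowEnd, allowlist) {
  const start = Date.parse(windowStart);
  const end = Date.parse(windowEnd);
  return store.devices.filter((d) => {
    const t = Date.parse(d.enrolledAt);
    return t >= start && t <= end && !allowlist.has(d.id);
  });
}

// Stand-alone usage over the constructed data.
console.log(findUnauthorizedPairCommands(CHAT_LOG, SENDER_SCOPES));
console.log(findSuspectDevices(DEVICE_STORE, '2026-03-01T00:00:00Z',
  '2026-03-16T00:00:00Z', new Set(['dev-01'])));
```

A `/pair enroll` from an unprivileged sender shortly after a `/pair generate` from another unprivileged sender, as in the constructed log, is the sequence worth correlating with the device store's enrolment timestamps; any device enrolled in that window and absent from the allowlist should be removed and its credentials rotated.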

Impact

A non‑owner authorized sender can create a setup code and use it before expiry to enroll a device with operator or node capabilities. That device then retains persistent credentials until manually removed. This can lead to:
– Unauthorized device enrollment — attackers can add rogue devices to the OpenClaw network.
– Privilege escalation — enrolled devices may gain operator or admin‑level access.
– Persistent access — credentials remain valid until manual revocation, enabling long‑term compromise.
– Data confidentiality and integrity risks — the vulnerability affects confidentiality, integrity, and availability.

Sources:

Reported By: github.com