Listen to this Post
The vulnerability resides in the iMessage monitoring component (monitor-provider.ts) when `groupPolicy` is set to allowlist. The function responsible for determining authorized senders, effectiveGroupAllowFrom, incorrectly merges two distinct identity sources: the static group allowlist and the identities stored from Direct Message (DM) pairings. This logic flaw means that if a sender has previously established a DM pairing with the bot (and thus exists in the storeAllowFrom), that approval bleeds into the group context. Consequently, a sender who is not listed in the group’s specific allowlist can still bypass group authorization checks because the system accepts their DM-paired identity as sufficient proof to post messages in a group. This weakens the intended boundary separation between one-on-one DM trust and multi-user group trust, allowing unauthorized participants to interact with the group channel.
dailycve form:
Platform: openclaw/clawdbot npm
Version: <=2026.2.13,<=2026.1.24-3
Vulnerability: group auth bypass
Severity: high
date: 2026-02-18
Prediction: Patched (872079d)
What Undercode Say:
Analytics:
The vulnerable logic combined two distinct authorization sets (DM store and group allowlist) without a proper security context switch . The impact is primarily a breach of trust boundaries in group chats.
Exploit:
1. Establish DM pairing with target OpenClaw bot.
2. Send message to group where `groupPolicy=allowlist`.
- Exploit: Bot accepts message because sender is in
storeAllowFrom, even if not ingroupAllowFrom.
Protection from this CVE:
Apply commit 872079d which separates DM and group authorization logic.
Navigate to your openclaw directory cd /path/to/openclaw Pull the latest fixes or apply the specific commit git pull origin main Or if you need the specific commit: git cherry-pick 872079d42fe105ece2900a1dd6ab321b92da2d59 Rebuild/restart your OpenClaw instance npm run build pm2 restart openclaw or your specific process manager command
Impact:
Allows unauthorized DM-paired senders to participate in restricted groups, breaking security policies.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

