OpenClaw Gateway, Authorization Bypass, CVE-PENDING (High)

Listen to this Post

The vulnerability arises from improper authorization scoping within the Gateway’s method handlers. Specifically, the `chat.send` method reuses command authorization logic intended for standard chat operations to handle the `/reset` command. In the architecture, a direct session reset is classified as an admin-only control-plane operation, restricted to administrative scope. However, the `operator.write` scope, which is assigned to standard gateway callers, grants write access to chat functionalities. Due to a flaw in the routing logic within `src/gateway/server-methods/chat.ts` and the session management in src/auto-reply/reply/session.ts, an attacker with `operator.write` privileges can invoke `chat.send` with the `/reset` payload. This action triggers the session rotation mechanism, archives the current transcript state, and generates a new session ID. This effectively bypasses the required admin scope, allowing a non-admin user to perform a disruptive session reset and potentially cause denial of service or session hijacking.
Platform: OpenClaw Gateway
Version: <= 2026.3.24
Vulnerability : Authorization Bypass
Severity: High
date: 2026-03-29

Prediction: 2026-03-28

Analytics under What Undercode Say:

Check for vulnerable version
grep version package.json | grep 2026.3.2
Audit gateway method permissions
jq '.methods[] | select(.name=="chat.send")' gateway_config.json
Monitor session resets in logs
grep "session.reset" /var/log/openclaw/gateway.log

Exploit:

// Crafted payload using operator.write scope
gateway.call('chat.send', {
target: 'victim_session_id',
message: '/reset'
});
// The server incorrectly processes the admin-only command.

Protection from this CVE

Upgrade to version 2026.3.28 or later which includes commit be00fcfccb. Implement strict scope validation in `chat.ts` to ensure that session reset commands are explicitly denied for non-admin scopes before reaching the session management handler.

Impact

An attacker with write-scoped gateway access can forcefully rotate user sessions, causing denial of service, loss of chat history, and potential session fixation or hijacking scenarios.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top