OpenClaw, Improper Authorization, GHSA-r7vr-gr74-94p8 (High)


The vulnerability stems from a mismatch between documented intent and actual implementation in OpenClaw’s command handling. The documentation stated that the `/config` and `/debug` commands were restricted to “owner” users only. The code in the command handlers, however, did not enforce that owner check; it only verified that the sender was generally “command-authorized”. As a result, any user who had been intentionally granted permission to run commands, a lower-trust “non-owner” sender, could still reach these privileged surfaces. An attacker holding such command authorization could read or modify the application’s configuration via `/config`, or inspect and alter runtime settings via `/debug`, both of which should have remained exclusively under the owner’s control. The issue is classified as CWE-285: Improper Authorization. The fix, shipped in version 2026.3.12, enforces the owner-only restriction for these command surfaces.
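To make the CWE-285 pattern concrete, here is an added illustration (not OpenClaw’s code; the sender record shape, the dispatcher functions and the `OWNER_ONLY` set are assumptions) that places the vulnerable check, which gates only on generic command authorization, beside the fixed one that also enforces the owner flag for `/config` and `/debug`:

```javascript
// Added illustration of the CWE-285 pattern described above. This is NOT
// OpenClaw's code; sender shape, handler names and OWNER_ONLY are assumptions.
const OWNER_ONLY = new Set(["/config", "/debug"]);

// Constructed sender records: `authorized` means "may run commands at all",
// `owner` is the higher-trust flag the documentation promised to require.
const SENDERS = {
  owner: { id: "owner-1", authorized: true, owner: true },
  helper: { id: "helper-1", authorized: true, owner: false },
  stranger: { id: "anon-1", authorized: false, owner: false },
};

function parseCommand(text) {
  const [name, ...args] = text.trim().split(/\s+/);
  return { name: name.toLowerCase(), args };
}

// Vulnerable dispatcher: only the generic command-authorization gate is
// checked, so any authorized non-owner reaches /config and /debug.
function dispatchVulnerable(sender, text) {
  const cmd = parseCommand(text);
  if (!sender.authorized) return { ok: false, reason: "not command-authorized" };
  return { ok: true, command: cmd.name, by: sender.id };
}

// Fixed dispatcher: the owner check lives in the handler itself, next to the
// generic gate, instead of existing only in the documentation.
function dispatchFixed(sender, text) {
  const cmd = parseCommand(text);
  if (!sender.authorized) return { ok: false, reason: "not command-authorized" };
  if (OWNER_ONLY.has(cmd.name) && !sender.owner) {
    return { ok: false, reason: `${cmd.name} is owner-only` };
  }
  return { ok: true, command: cmd.name, by: sender.id };
}

// Regression check a maintainer could keep in the test suite: every owner-only
// command must be refused for an authorized non-owner and allowed for the owner.
function ownerGateHolds(dispatch) {
  for (const name of OWNER_ONLY) {
    if (dispatch(SENDERS.helper, name).ok) return false;
    if (!dispatch(SENDERS.owner, name).ok) return false;
  }
  return true;
}

console.log("vulnerable gate holds:", ownerGateHolds(dispatchVulnerable)); // false
console.log("fixed gate holds:", ownerGateHolds(dispatchFixed)); // true
```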
Platform: openclaw (npm)
Version: <= 2026.3.11
Vulnerability: Improper Authorization
Severity: High
Date: 2026-03-13

Prediction: 2026-03-12

What Undercode Says:

Analytics

  • Ecosystem: npm
  • Package: openclaw
  • Vulnerable Range: <= 2026.3.11
  • Patched Version: 2026.3.12
  • Fix Commit: `08aa57a3de37d337b226ae861f573779f112ff2e`

Bash Commands and Codes

```bash
# Check the currently installed version of openclaw
npm list openclaw

# Update to the patched version
npm install openclaw@2026.3.12

# List the files in the published 2026.3.12 tarball that relate to the
# command handler or config (this inspects the package contents; it does
# not by itself prove the fix commit is present)
npm view openclaw@2026.3.12 dist.tarball | xargs curl -s | tar -tzf - | grep -E 'command.handler|config'

# Check the current configuration to see whether the sensitive commands
# are enabled (only relevant on patched versions)
grep -E 'commands.(config|debug)' ~/.openclaw/config.json
```

How the Exploit Works:

  1. Precondition: The attacker must already hold “command authorization” on a vulnerable OpenClaw instance (version <= 2026.3.11).
  2. Action: The attacker sends the `/config` or `/debug` command to the OpenClaw gateway.
  3. Outcome: The vulnerable handler processes the command, granting the attacker access to read or modify configuration and debug settings.

Protection from this Vulnerability

  • Immediate Update: Upgrade to OpenClaw version `2026.3.12` or later.
  • Configuration Review: After updating, ensure `commands.config` and `commands.debug` are set to `false` in `openclaw.json` unless owner access is explicitly required.
  • Audit Access: Review which users or senders have been granted elevated command permissions.

Impact

  • Confidentiality: A non-owner attacker can read the entire application configuration, potentially revealing sensitive data such as API keys or internal settings.
  • Integrity: The attacker can modify the running configuration via `/config` or runtime behavior via `/debug`, potentially weakening security or causing operational issues.
  • Attack Vector: Network-based, requiring prior command authorization but no owner privileges.
  • Scope: Direct compromise of the application’s configuration and debugging state.


Sources:

Reported By: github.com
Extra Source Hub: Undercode
