openclaw, Telegram DM-Scoped Inline Button Callbacks Bypass DM Pairing and Mutate Session State, No CVE (Medium)

Listen to this Post

How the CVE Works

The vulnerability resides in the way Telegram callback queries originating from direct messages (DMs) were processed. Prior to the fix, the application applied a weaker “callback-only” authorization check for inline button callbacks, which did not enforce the same DM pairing requirements that normal message handling required.
An attacker who could coax a victim into clicking a crafted inline button (e.g., via a forwarded message or a malicious bot interaction) could trigger state‑mutating operations without the victim having an established DM session with the bot.
Because the callback handler did not verify that the user was properly paired or that the DM conversation context was valid, it allowed unauthorized changes to session data—such as modifying preferences, toggling features, or escalating privileges.
The flaw affected all versions of the openclaw package up to and including v2026.3.24.
The issue was identified in commit 269282ac69ab6030d5f30d04822668f607f13065, which introduces a mandatory DM authorization step for all callback queries, aligning callback security with the existing DM pairing logic.
Verified vulnerable on tag v2026.3.24 and fixed on main with the referenced commit.
The patch ensures that callback queries now fail unless the user has an active DM pairing, effectively closing the bypass.

DailyCVE Form

Platform: openclaw package
Version: <= 2026.3.24
Vulnerability: DM callback bypass
Severity: Medium
Date: 2026-03-30

Prediction: Patch 2026-03-25

What Undercode Say

Analytics

Check currently installed openclaw version
npm list openclaw
Verify if vulnerable (<=2026.3.24)
if [[ "$(npm list openclaw --depth=0 | grep openclaw@ | cut -d@ -f2)" < "2026.3.25" ]]; then
echo "Vulnerable version detected"
fi
Update to patched version
npm install [email protected]
Validate fix commit presence
git log --oneline | grep 269282ac

Exploit

An attacker crafts a Telegram inline button callback URL referencing a privileged action. The victim, without any prior DM pairing, clicks the button. Due to the missing DM pairing check, the callback executes and mutates session state—e.g., enabling admin functions or altering user settings—bypassing intended access controls.

Protection from this CVE

Upgrade openclaw to version 2026.3.25 or later, which includes commit 269282ac69ab6030d5f30d04822668f607f13065. If immediate upgrade is not possible, temporarily disable callback handling for unpaired DM users or restrict callback endpoints to require explicit DM confirmation.

Impact

Unauthenticated state mutation in Telegram DM contexts, allowing attackers to modify victim session data without proper authorization, potentially leading to privilege escalation or unintended feature activation.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top