Impact
OpenClaw before 2026.3.31 contains a flaw that allows an unauthenticated user to send requests to plugin-auth HTTP routes and be assigned operator-level runtime write scopes. Because these routes are intended for authorized operators only, an attacker can use the granted scopes to execute privileged runtime actions on the target system. The root cause is a missing authorization check (CWE-862): the routes grant scopes without first verifying who is calling, which lets an attacker perform actions that compromise system integrity and confidentiality. The attack vector is inferred to be remote network access, since the description states that the unauthenticated HTTP endpoints are reachable.
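The CWE-862 pattern described above, shown as an added example rather than OpenClaw's own code: a scope-assignment handler in the vulnerable shape (no check of the caller before operator write scopes are granted) beside the hardened shape (authenticate, then authorize, then grant). The route behaviour, header handling, token store and scope names are hypothetical placeholders, and the requests are constructed inline.

```javascript
// Added example, not OpenClaw code. Scope names, the token store and the
// request shape are hypothetical stand-ins for the real plugin-auth route.
const OPERATOR_WRITE_SCOPES = ["runtime:write", "plugins:manage"];

// Constructed operator session store standing in for the real one.
const OPERATOR_TOKENS = new Map([
  ["op-token-123", { id: "operator-1", role: "operator" }],
  ["ro-token-456", { id: "viewer-1", role: "viewer" }],
]);

// Vulnerable shape (CWE-862): the handler never asks who is calling, so an
// unauthenticated request receives the full operator write scope set.
function assignScopesVulnerable(req) {
  const subject = (req.body && req.body.subject) || "anonymous";
  return { status: 200, subject, granted: OPERATOR_WRITE_SCOPES };
}

// Hardened shape: authenticate the bearer token, then authorize the role,
// and only then assign scopes. Every failure path grants nothing.
function assignScopesHardened(req) {
  const header = (req.headers && req.headers.authorization) || "";
  const [scheme, token] = header.split(" ");
  if (scheme !== "Bearer" || !token) {
    return { status: 401, granted: [] }; // no credential presented
  }
  const operator = OPERATOR_TOKENS.get(token);
  if (!operator) {
    return { status: 401, granted: [] }; // unknown credential
  }
  if (operator.role !== "operator") {
    return { status: 403, granted: [] }; // authenticated but not an operator
  }
  return { status: 200, subject: operator.id, granted: OPERATOR_WRITE_SCOPES };
}

// Constructed requests: an anonymous caller and a legitimate operator.
const anonymousRequest = { headers: {}, body: { subject: "anyone" } };
const operatorRequest = { headers: { authorization: "Bearer op-token-123" } };

console.log("vulnerable, anonymous:", assignScopesVulnerable(anonymousRequest));
console.log("hardened, anonymous:", assignScopesHardened(anonymousRequest));
console.log("hardened, operator:", assignScopesHardened(operatorRequest));
```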
Affected Systems
All deployments of OpenClaw earlier than version 2.31 are affected. The CPE string identifies the affected product as OpenClaw running on Node.js. No specific sub-products or configuration variants are mentioned, so any standard installation of OpenClaw at a version before 2026.3.31 should be treated as vulnerable.
Risk and Exploitability
The CVSS base score of 8.8 classifies this issue as high severity, and the vulnerability can be exploited over the network by any party that can reach the plugin-auth endpoints. Because exploitation requires no authentication and no additional credentials, the risk is elevated. No EPSS score is available and the issue is not listed in the CISA KEV catalog, but since the routes themselves enforce no access control, exploitation is feasible for opportunistic actors wherever the endpoints are exposed. The network-based attack vector is inferred from the presence of unauthenticated HTTP routes.
OpenCVE Enrichment