Description
OpenClaw before 2026.4.25 contains a privilege escalation vulnerability in internal and webchat command authentication that allows senders to inherit wildcard ownerAllowFrom state across channel boundaries. Attackers can exploit this by sending commands on affected internal or webchat paths to execute owner-style command behavior outside intended channel scope, potentially bypassing access controls.
Published: 2026-06-16
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw before 2026.4.25 suffers a privilege‑escalation flaw in its internal and webchat command authentication system. The flaw permits any sender who can send commands along the internal or webchat paths to inherit a wildcard ownerAllowFrom state across channel boundaries. This lets the attacker execute commands that are normally restricted to a specific channel, effectively bypassing the application’s intended access controls. The weakness is classified as CWE‑863, a missing access‑control requirement that allows unauthorized command execution.

Affected Systems

All deployments of OpenClaw that use a release version earlier than 2026.4.25 are affected, including the Node.js implementation bundled with the product. Only installations that have been updated to 2026.4.25 or later are safe from this vulnerability.

Risk and Exploitability

The CVSS base score is 6.0, indicating moderate severity. The EPSS score of less than 1% suggests a very low current exploitation probability. The vulnerability is not listed in CISA’s KEV catalog. Based on the description, it is inferred that an attacker requires the ability to issue commands through the affected internal or webchat interfaces, which could be achieved remotely via the public webchat endpoint. The escalation occurs when the system mistakenly treats the sender as an owner in a channel where they normally lack such privileges.

Generated by OpenCVE AI on June 18, 2026 at 00:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the OpenClaw installation to version 2026.4.25 or later, which removes the wildcard inheritance bug.
  • If you cannot upgrade immediately, reconfigure the ownerAllowFrom settings to disable wildcard inheritance between channels and restrict command authentication to channel owners only.
  • Apply role‑based access controls to restrict access to internal and webchat command paths, ensuring that only authorized users can issue channel‑level commands.
  • Monitor application logs for abnormal command activity and conduct periodic penetration tests to confirm that the privilege‑escalation path remains closed.

Generated by OpenCVE AI on June 18, 2026 at 00:13 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-4hpg-mp64-x7xq OpenClaw: Internal/webchat command auth could inherit ownerAllowFrom wildcard state
History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Description OpenClaw before 2026.4.25 contains a privilege escalation vulnerability in internal and webchat command authentication that allows senders to inherit wildcard ownerAllowFrom state across channel boundaries. Attackers can exploit this by sending commands on affected internal or webchat paths to execute owner-style command behavior outside intended channel scope, potentially bypassing access controls.
Title OpenClaw < 2026.4.25 - Privilege Escalation via ownerAllowFrom Wildcard Inheritance in Internal/Webchat Commands
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-863
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}

cvssV4_0

{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-16T19:34:33.082Z

Reserved: 2026-06-10T21:21:12.125Z

Link: CVE-2026-53854

cve-icon Vulnrichment

Updated: 2026-06-16T19:34:29.412Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-16T19:17:02.780

Modified: 2026-06-16T20:42:46.200

Link: CVE-2026-53854

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T00:15:03Z

Weaknesses