Openclaw
CVE-2026-32034
MEDIUM
Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
OpenClaw versions prior to 2026.2.21 contain an authentication bypass vulnerability in the Control UI when allowInsecureAuth is explicitly enabled and the gateway is exposed over plaintext HTTP, allowing attackers to bypass device identity and pairing verification. An attacker with leaked or intercepted credentials can obtain high-privilege Control UI access by exploiting the lack of secure authentication enforcement over unencrypted HTTP connections.
AnalysisAI
OpenClaw versions before 2026.2.21 allow authenticated attackers to bypass device identity verification and gain high-privilege Control UI access when insecure authentication is enabled and the gateway uses unencrypted HTTP. An attacker with compromised credentials can exploit the lack of secure authentication enforcement to obtain unauthorized control access. The vulnerability requires network access and valid credentials but poses significant risk in environments where plaintext HTTP is used.
Technical ContextAI
The vulnerability exists in OpenClaw's Control UI authentication mechanism and stems from improper enforcement of secure authentication channels (CWE-78: Improper Neutralization of Special Elements used in an OS Command). When the allowInsecureAuth configuration option is explicitly enabled, the system fails to enforce cryptographic protections for authentication tokens and credentials transmitted over plaintext HTTP. This creates a situation where an attacker on the network path (or with intercepted credentials) can replay or forge authentication requests without proper verification of device identity or pairing status. The root cause is the conditional trust in unencrypted HTTP channels when a dangerous configuration flag is set, violating secure-by-default principles and allowing credential-based lateral movement to high-privilege Control UI endpoints.
RemediationAI
Upgrade OpenClaw to version 2026.2.21 or later immediately, referencing the official GitHub Security Advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-3cvx-236h-m9fj for patching details. Until patching is completed, apply the following compensating controls: disable the allowInsecureAuth configuration flag entirely (enforce it to false via policy or environment defaults), enforce HTTPS-only access to the Control UI via reverse proxy with HSTS header enforcement, implement network segmentation to restrict gateway exposure to trusted internal networks only, and audit all configuration instances of allowInsecureAuth across your deployment to identify and remediate any deviation from secure defaults. If HTTP exposure cannot be immediately removed, implement network-level controls such as VPN enforcement or IP whitelisting to prevent unauthorized credential interception.
Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.
Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b
OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att
An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.
OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e
Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in
OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all
OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director
OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func
OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste
OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low
OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec
Same weakness CWE-78 – OS Command Injection
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-3cvx-236h-m9fj