Skip to main content

Openclaw CVE-2026-32057

| EUVDEUVD-2026-13960 MEDIUM
Reliance on Untrusted Inputs in a Security Decision (CWE-807)
2026-03-21 VulnCheck
6.0
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
6.0 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

5
PoC Detected
Mar 25, 2026 - 15:16 vuln.today
Public exploit code
EUVD ID Assigned
Mar 21, 2026 - 01:00 euvd
EUVD-2026-13960
Analysis Generated
Mar 21, 2026 - 01:00 vuln.today
Patch released
Mar 21, 2026 - 01:00 nvd
Patch available
CVE Published
Mar 21, 2026 - 00:42 nvd
MEDIUM 6.0

DescriptionCVE.org

OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui client identifier to skip pairing requirements and gain unauthorized access to node event execution flows.

AnalysisAI

OpenClaw versions before 2026.2.25 allow authenticated attackers with node role permissions to bypass device pairing requirements in the Control UI by spoofing the control-ui client identifier, enabling unauthorized access to node event execution flows. Public exploit code exists for this authentication bypass vulnerability. The vulnerability requires prior authentication and has moderate integrity impact potential.

Technical ContextAI

The vulnerability exists in OpenClaw's trusted-proxy Control UI pairing mechanism, a component responsible for authenticating and authorizing websocket clients before granting access to node event execution capabilities. The root cause, classified under CWE-807 (Reliance on Untrusted Inputs in a Security Decision), stems from the system accepting the client.id parameter (specifically the hardcoded value 'control-ui') without verifying the actual device identity or legitimacy of the requesting entity. OpenClaw (cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*) uses websocket-based communication for node orchestration and event handling; the pairing mechanism is intended to enforce a cryptographic or cryptographic-adjacent handshake between authorized control interfaces and worker nodes. By failing to validate that the connecting entity is actually a legitimate control-ui instance—rather than merely checking for the presence of that identifier—the system allows any authenticated websocket client with node role privileges to assume control-ui authority and access protected event execution flows.

RemediationAI

Upgrade OpenClaw to version 2026.2.25 or later to apply the security patch (commit ec45c317f5d0631a3d333b236da58c4749ede2a3). Organizations unable to patch immediately should implement the following mitigations: restrict websocket connections to the OpenClaw trusted-proxy to a whitelist of known control-ui endpoint IP addresses or hostnames, enforce mutual TLS (mTLS) authentication with certificate pinning for control-ui pairing handshakes, and implement detailed audit logging on all websocket client.id parameter values to detect attempted spoofing. Monitor for connections presenting client.id=control-ui from unexpected sources and implement network segmentation to isolate node websocket listeners from untrusted networks. See the vendor advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-vvgp-4c28-m3jm for official guidance.

CVE-2026-28446 CRITICAL POC
9.4 Mar 05

Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.

CVE-2026-33579 CRITICAL POC
9.4 Mar 31

Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b

CVE-2026-32042 HIGH POC
8.8 Mar 21

OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att

CVE-2026-32051 HIGH POC
8.8 Mar 21

An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.

CVE-2026-25253 HIGH POC
8.8 Feb 01

OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e

CVE-2026-32846 HIGH POC
8.7 Mar 26

Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in

CVE-2026-32064 HIGH POC
7.7 Mar 21

OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all

CVE-2026-32055 HIGH POC
7.6 Mar 21

OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director

CVE-2026-32056 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func

CVE-2026-32049 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste

CVE-2026-32048 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low

CVE-2026-25474 HIGH POC
7.5 Feb 19

OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec

Share

CVE-2026-32057 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy