CVSS Vector
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
OpenClaw before 2026.3.11 contains a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretRefs are treated as unset, allowing fallback to remote credentials in local mode. Attackers can exploit misconfigured local auth references to cause CLI and helper paths to select incorrect credential sources, potentially bypassing intended local authentication boundaries.
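A minimal model of the fallback described above, added here as an illustration and not taken from OpenClaw's code. The resolver, the selector functions and the `gateway.remote.token` key are hypothetical, and the sample config is constructed; it shows an unavailable local SecretRef collapsing into "unset" beside a fail-closed variant.

```javascript
// Hypothetical model of the flaw; none of these names are OpenClaw's real code.
// A SecretRef is modelled as { env: "VAR" }; a plain string is a literal secret.
function resolveSecretRef(ref, env) {
  if (ref === undefined || ref === null) return { state: "unset" };
  if (typeof ref === "string") return { state: "resolved", value: ref };
  const value = env[ref.env];
  return value
    ? { state: "resolved", value }
    : { state: "unavailable", ref: ref.env }; // configured, but cannot be read
}

// Local-mode credential selection; `failClosed` switches between the two behaviours.
function pickGatewayAuth(cfg, env, failClosed) {
  const auth = cfg.gateway.auth ?? {};
  for (const kind of ["token", "password"]) {
    const local = resolveSecretRef(auth[kind], env);
    if (local.state === "resolved") return { source: "local", kind, value: local.value };
    // Hardened: a configured-but-unreadable local ref is an error, not "unset".
    if (local.state === "unavailable" && failClosed) {
      throw new Error(`gateway.auth.${kind} references ${local.ref}, which is unavailable`);
    }
    // Flawed: "unavailable" falls through exactly like "unset".
  }
  const remote = resolveSecretRef(cfg.gateway.remote?.token, env); // assumed key name
  return remote.state === "resolved"
    ? { source: "remote", kind: "token", value: remote.value }
    : { source: "none" };
}

const pickFlawed = (cfg, env) => pickGatewayAuth(cfg, env, false);
const pickHardened = (cfg, env) => pickGatewayAuth(cfg, env, true);

// Constructed sample: the local token ref points at a variable that is missing.
const sampleCfg = {
  gateway: {
    auth: { token: { env: "LOCAL_GATEWAY_TOKEN" } },
    remote: { token: "remote-token-placeholder" },
  },
};
const sampleEnv = {}; // LOCAL_GATEWAY_TOKEN is not set

function demo() {
  const flawed = pickFlawed(sampleCfg, sampleEnv).source;
  let hardened;
  try { hardened = pickHardened(sampleCfg, sampleEnv).source; }
  catch (e) { hardened = "error"; }
  return { flawed, hardened };
}
console.log(demo());
```

Keeping "unset" and "unavailable" as separate resolver states is what lets the caller reject a misconfigured local reference instead of silently switching credential source.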
Analysis
OpenClaw before version 2026.3.11 allows local authenticated users to bypass local authentication boundaries through a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretRefs are incorrectly treated as unset, enabling fallback to remote credentials in local-only mode. The vulnerability requires local access and specific misconfiguration of auth references but can result in information disclosure if an attacker selects incorrect credential sources via CLI and helper paths. …
EUVD-2026-17377
GHSA-vm29-7mq3-9jrg