Skip to main content

OpenClaw Bot Framework CVE-2026-62214

| EUVDEUVD-2026-45102 MEDIUM
Insufficiently Protected Credentials (CWE-522)
2026-07-17 VulnCheck GHSA-24g4-9847-8c6x
6.0
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
6.0 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.3 MEDIUM

AT:P prerequisite maps to AC:H in 3.1; PR:L reflects required lower-trust caller authentication; impact is confidentiality-only with no scope change.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jul 17, 2026 - 02:32 EUVD
Analysis Generated
Jul 17, 2026 - 01:06 vuln.today

DescriptionCVE.org

OpenClaw versions before 2026.5.28 Bot Framework contains an improper input validation vulnerability that allows lower-trust callers to expose bot tokens and credentials by failing to properly validate serviceUrl parameters. Attackers can supply malicious serviceUrl values through configured input paths to retrieve sensitive authentication data outside the trusted boundary.

AnalysisAI

Bot token and credential exposure in OpenClaw Bot Framework (versions before 2026.5.28) enables low-privilege authenticated callers to exfiltrate sensitive authentication data by supplying crafted serviceUrl values that circumvent trusted boundary validation. The flaw resides in the Microsoft Teams integration component (openclaw:msteams) and allows attackers to redirect credential-bearing requests to attacker-controlled endpoints, compromising bot tokens and downstream authentication secrets. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege bot credentials
Delivery
Identify serviceUrl-accepting input path
Exploit
Craft malicious serviceUrl pointing to attacker endpoint
Execution
Submit request through configured input path
Persist
Framework forwards bot tokens to attacker URL
Impact
Capture and replay exfiltrated credentials

Vulnerability AssessmentAI

Exploitation Exploitation requires a caller with low-privilege authenticated access (PR:L per CVSS 4.0 vector) who can submit input to a configured path that accepts and processes the serviceUrl parameter. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N) scores 6.0, balancing high confidentiality impact against meaningful pre-conditions: low-privilege authentication (PR:L) and a specific attack prerequisite (AT:P). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker holding a low-privilege account or API key for an OpenClaw-integrated Microsoft Teams bot sends a request through a configured input path that includes a malicious serviceUrl pointing to attacker-controlled infrastructure. The unpatched framework processes the parameter without validation and issues a credential-bearing request - including bot tokens - to the attacker's endpoint, where the tokens are captured and can be replayed for subsequent impersonation or data access. …
Remediation Upgrade OpenClaw to version 2026.5.28 or later, which introduces proper serviceUrl parameter validation. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-62214 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy