Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
OpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass vulnerability in the synology-chat channel plugin where dmPolicy set to allowlist with empty allowedUserIds fails open. Attackers with Synology sender access can bypass authorization checks and trigger unauthorized agent dispatch and downstream tool actions.
AnalysisAI
Synology OpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass in the synology-chat channel plugin where misconfigured allowlist policies with empty user IDs fail open, allowing authenticated Synology senders to dispatch unauthorized agents and execute downstream tool actions. The vulnerability requires network access and low-complexity exploitation, with a patch currently available.
Technical ContextAI
This vulnerability affects OpenClaw (cpe:2.3:a:openclaw:openclaw), an agent framework integrating with Synology Chat. The root cause is CWE-863 (Incorrect Authorization), specifically a logic error in the synology-chat channel plugin's authorization implementation. When administrators configure the dmPolicy to use an allowlist but leave the allowedUserIds array empty, the system fails open rather than implementing secure-by-default behavior. This allows any Synology sender to pass authorization checks, enabling them to dispatch agents and invoke tool actions that should be restricted. The vulnerability represents a classic fail-open security pattern where an empty or undefined security control incorrectly permits access rather than denying it.
RemediationAI
Upgrade OpenClaw to a patched version by applying the security fixes available in commits 0ee30361b8f6ef3f110f3a7b001da6dd3df96bb5 and 7655c0cb3a47d0647cbbf5284e177f90b4b82ddb from the vendor repository at https://github.com/openclaw/openclaw/. Review all synology-chat plugin configurations to ensure dmPolicy allowlist settings include properly populated allowedUserIds arrays, or switch to deny-by-default authorization models. As an interim mitigation until patching, organizations can disable the synology-chat channel plugin entirely if not required for business operations, or implement network-level access controls to restrict Synology Chat integration endpoints to trusted IP ranges only. Consult the GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-gw85-xp4q-5gp9 for vendor-specific guidance.
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authe
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allo
Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharact
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before
An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remot
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allo
A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to exec
Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 all
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to acce
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Task Manager
Same weakness CWE-863 – Incorrect Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-13035
GHSA-gw85-xp4q-5gp9