OpenClaw 2026.2.22-2026.2.24 allows unauthorized access to admin privileges

GHSA-553v-f69r-656j
Summary

A security issue in OpenClaw versions 2026.2.22 to 2026.2.24 allows an attacker who already holds the shared gateway token or password to obtain administrator privileges without proper authorization. To fix this, OpenClaw users should update to version 2026.2.25, which requires pairing for operator device-identity sessions authenticated with shared token/password auth. This update is available now on npm.

What to do
  • Update openclaw to version 2026.2.25.
Affected software
Vendor | Product  | Affected versions           | Fix available
–      | openclaw | > 2026.2.22, <= 2026.2.24   | 2026.2.25
Original title
OpenClaw unpaired device identity can bypass operator pairing and self-assign operator scopes with shared auth
Original description
### Summary
A client using shared gateway auth could attach an unpaired device identity and request elevated operator scopes (including `operator.admin`) before pairing approval, enabling privilege escalation.

### Impact
Attackers with valid shared gateway auth could self-assign higher operator scopes by presenting a self-signed, unpaired device identity.

### Affected Packages / Versions
- Package: `openclaw` (npm)
- Affected: `>= 2026.2.22 <= 2026.2.24`
- Latest published npm at triage time: `2026.2.24`
- Planned patched release: `2026.2.25`

### Remediation
Require pairing for operator device-identity sessions authenticated with shared token/password auth (except existing control-ui trusted-proxy/control-ui bypass policy paths).

### Fix Commit(s)
- `8d1481cb4a9d31bd617e52dc8c392c35689d9dea`

### Release Process Note
`patched_versions` is pre-set to the release (`>= 2026.2.25`). Advisory published with npm release `2026.2.25`.

OpenClaw thanks @tdjackey for reporting.
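The authorization flaw and its remediation described above, modelled as an added illustration that is not OpenClaw's code: the vulnerable shape grants whatever operator scopes a client requests once shared auth succeeds, while the hardened shape refuses to grant scopes to a device-identity session that relies on shared auth until that device is paired (keeping only the trusted-proxy/control-ui bypass path the advisory mentions). The session fields, scope names other than `operator.admin`, and the sample device id are hypothetical.

```javascript
// Added illustration, not OpenClaw's code. The session shape (sharedAuthValid,
// authMode, deviceId, devicePaired, trustedProxy, controlUiBypass,
// requestedScopes) and the scope list are hypothetical.
const OPERATOR_SCOPES = new Set(['operator.read', 'operator.write', 'operator.admin']);

// Vulnerable shape of the check (CWE-863): once shared token/password auth
// succeeds, the scopes the client asked for are granted even though the device
// identity it attached is self-signed and has never been approved via pairing.
function resolveScopesVulnerable(session) {
  if (!session.sharedAuthValid) throw new Error('unauthorized');
  return session.requestedScopes.filter((s) => OPERATOR_SCOPES.has(s));
}

// Hardened shape: a device-identity session authenticated with shared
// token/password auth must be paired before any operator scope is granted.
// Only the existing trusted-proxy / control-ui bypass policy paths skip this.
function resolveScopesHardened(session) {
  if (!session.sharedAuthValid) throw new Error('unauthorized');
  const usesSharedAuth = session.authMode === 'token' || session.authMode === 'password';
  const bypassPolicy = session.trustedProxy === true || session.controlUiBypass === true;
  if (usesSharedAuth && session.deviceId && !session.devicePaired && !bypassPolicy) {
    throw new Error('pairing required before operator scopes can be granted');
  }
  return session.requestedScopes.filter((s) => OPERATOR_SCOPES.has(s));
}

// Constructed sample: an unpaired, self-signed device asking for operator.admin.
const unpairedAdminRequest = {
  sharedAuthValid: true,
  authMode: 'token',
  deviceId: 'self-signed-device-0001', // constructed value
  devicePaired: false,
  requestedScopes: ['operator.read', 'operator.admin'],
};

// Runs both checks on the sample so the difference is visible side by side.
function demo() {
  const vulnerable = resolveScopesVulnerable(unpairedAdminRequest);
  let hardened;
  try { hardened = resolveScopesHardened(unpairedAdminRequest); } catch (e) { hardened = e.message; }
  return { vulnerable, hardened };
}
```

Running `demo()` shows the vulnerable check handing out `operator.admin` to the unpaired device while the hardened check stops at the pairing requirement.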
Source: GHSA · CVSS 4.0 score: 5.3
Vulnerability type
CWE-863 Incorrect Authorization
Published: 3 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026