9.3

OpenClaw Gateway Connect Allows Unauthorized Access

CVE-2026-28472 GHSA-rv39-79c4-7459
Summary

A recent security update fixes a flaw that allowed unauthorized access to OpenClaw's gateway by connecting without proper authentication. If your OpenClaw gateway is exposed to the public internet, you should update to the latest version to prevent potential unauthorized access. Consider restricting access to the gateway to trusted networks and users.

What to do
  • Update steipete openclaw to version 2026.2.2.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| steipete | openclaw | <= 2026.2.2 | 2026.2.2 |
| openclaw | openclaw | <= 2026.2.2 | – |
Original title
OpenClaw's gateway connect could skip device identity checks when auth.token was present but not yet validated
Original description
### Summary

The gateway WebSocket `connect` handshake could allow skipping device identity checks when `auth.token` was present but not yet validated.

### Details

In `src/gateway/server/ws-connection/message-handler.ts`, the device-identity requirement could be bypassed based on the *presence* of a non-empty `connectParams.auth.token` rather than a *validated* shared-secret authentication result.

### Impact

In deployments where the gateway WebSocket is reachable and connections can be authorized via Tailscale without validating the shared secret, a client could connect without providing device identity/pairing. Depending on version and configuration, this could result in operator access.

### Deployment Guidance

Per OpenClaw security guidance, the gateway should only be reachable from a trusted network and by trusted users (for example, restrict Tailnet users/ACLs when using Tailscale Serve).

If the gateway WebSocket is only reachable by trusted users, there is typically no untrusted party with network access to exploit this issue.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Affected: `<= 2026.2.1`
- Fixed: `>= 2026.2.2`

### Fix

Device-identity skipping now requires *validated* shared-secret authentication (token/password). Tailscale-authenticated connections without validated shared secret require device identity.
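
As an added illustration (not OpenClaw's code and not the fix commit), the decision logic described in Details and Fix reduced to a small model: the vulnerable variant exempts a client from the device-identity check whenever `auth.token` is merely present, the hardened variant only when the shared secret actually validated. The `ConnectParams`, `ConnectContext`, `connectVulnerable` and `connectFixed` names, the stubbed device check and the `tailscaleAuthorized` flag are assumptions of this example.

```typescript
// Added example, not OpenClaw's code: a simplified model of the connect decision.
interface ConnectParams {
  auth?: { token?: string };
  device?: { id: string; signature: string }; // pairing material (stubbed)
}

interface ConnectContext {
  configuredToken: string;      // shared secret the gateway is configured with
  tailscaleAuthorized: boolean; // transport-level auth, e.g. Tailscale identity
}

type Decision = "accept" | "reject";

// Constant-time comparison: a wrong token is rejected without a timing side channel
// (only the length, checked up front, is observable).
function validateSharedSecret(presented: string | undefined, configured: string): boolean {
  if (!presented || presented.length !== configured.length) return false;
  let diff = 0;
  for (let i = 0; i < configured.length; i++) {
    diff |= presented.charCodeAt(i) ^ configured.charCodeAt(i);
  }
  return diff === 0;
}

// Stub: real pairing would verify the signature; here only presence matters.
function hasDeviceIdentity(p: ConnectParams): boolean {
  return !!p.device && p.device.id.length > 0 && p.device.signature.length > 0;
}

// Vulnerable shape: the exemption keys off the *presence* of auth.token.
function connectVulnerable(p: ConnectParams, ctx: ConnectContext): Decision {
  const sharedSecretOk = validateSharedSecret(p.auth?.token, ctx.configuredToken);
  const authorized = sharedSecretOk || ctx.tailscaleAuthorized;
  const skipDeviceIdentity = Boolean(p.auth?.token); // BUG: never validated
  if (!authorized) return "reject";
  if (!skipDeviceIdentity && !hasDeviceIdentity(p)) return "reject";
  return "accept";
}

// Fixed shape: the exemption keys off a *validated* shared secret only.
function connectFixed(p: ConnectParams, ctx: ConnectContext): Decision {
  const sharedSecretOk = validateSharedSecret(p.auth?.token, ctx.configuredToken);
  const authorized = sharedSecretOk || ctx.tailscaleAuthorized;
  const skipDeviceIdentity = sharedSecretOk;
  if (!authorized) return "reject";
  if (!skipDeviceIdentity && !hasDeviceIdentity(p)) return "reject";
  return "accept";
}
```

With a Tailscale-authorized transport and a bogus token, the vulnerable variant accepts a client that never presented device identity; the fixed variant rejects it and accepts only a validated secret or a present device identity.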

### Fix Commit(s)

- fe81b1d7125a014b8280da461f34efbf5f761575

Thanks @simecek for reporting.
NVD CVSS 3.1: 8.1
NVD CVSS 4.0: 9.2
Vulnerability type
CWE-306 Missing Authentication for Critical Function
Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026