#VU125174 Improper access control in OpenClaw


Published: April 8, 2026


Vulnerability identifier: #VU125174
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenClaw
Software vendor: OpenClaw

Description

The vulnerability allows a remote attacker to bypass Canvas HTTP and WebSocket authentication.

The vulnerability exists due to improper access control in authorizeCanvasRequest(...) in src/gateway/server/http-auth.ts when handling local-direct loopback Canvas and A2UI requests. A remote attacker can send specially crafted loopback Canvas HTTP or WebSocket requests to bypass Canvas HTTP and WebSocket authentication.

The issue stems from local-direct loopback requests being treated as an unconditional allow path, evaluated before bearer authentication or an active node canvas capability was checked.
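As an added illustration (not OpenClaw's code, and not the contents of src/gateway/server/http-auth.ts), the following TypeScript models the decision ordering the advisory describes: a vulnerable version in which the local-direct loopback branch allows the request before any credential is examined, beside a hardened version in which request origin is recorded but never accepted as a credential on its own. Every type, function name and sample value here is an assumption; how a remote request comes to be classified as local-direct loopback is not detailed in the advisory and is not modelled.

```typescript
// Added illustration, not OpenClaw's code: the authorization-ordering bug the
// advisory describes (a loopback "allow" path evaluated before credentials),
// shown next to a hardened ordering. Every name and type here is assumed.

interface CanvasRequest {
  remoteAddress: string;   // peer address as the gateway sees it
  isLocalDirect: boolean;  // request arrived via the local-direct listener
  authorization?: string;  // "Bearer <token>" header, if present
  nodeId?: string;         // identity of the node issuing the request, if any
}

interface AuthContext {
  bearerToken: string;            // the gateway's configured bearer token
  activeNodeCanvas: Set<string>;  // node ids holding an active canvas capability
}

interface Decision {
  allowed: boolean;
  reason: string;
}

function isLoopback(addr: string): boolean {
  return addr === "127.0.0.1" || addr === "::1" || addr === "::ffff:127.0.0.1";
}

// Constant-time comparison so token checking does not leak via timing
// (length is still revealed, which is acceptable for fixed-length tokens).
function constantTimeEqual(a: string, b: string): boolean {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) {
    diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  }
  return diff === 0;
}

function hasValidBearer(req: CanvasRequest, ctx: AuthContext): boolean {
  const header = req.authorization ?? "";
  if (!header.startsWith("Bearer ")) return false;
  return constantTimeEqual(header.slice("Bearer ".length), ctx.bearerToken);
}

function hasNodeCanvasCapability(req: CanvasRequest, ctx: AuthContext): boolean {
  return req.nodeId !== undefined && ctx.activeNodeCanvas.has(req.nodeId);
}

// Vulnerable ordering: the local-direct loopback branch is an unconditional
// allow, reached before the bearer token or node capability is consulted.
function authorizeCanvasVulnerable(req: CanvasRequest, ctx: AuthContext): Decision {
  if (req.isLocalDirect && isLoopback(req.remoteAddress)) {
    return { allowed: true, reason: "local-direct loopback (unconditional)" };
  }
  if (hasValidBearer(req, ctx)) return { allowed: true, reason: "bearer token" };
  if (hasNodeCanvasCapability(req, ctx)) return { allowed: true, reason: "node canvas capability" };
  return { allowed: false, reason: "no valid credential" };
}

// Hardened ordering: origin is kept for the audit trail only. A request is
// allowed solely on a valid bearer token or an active node canvas capability.
function authorizeCanvasFixed(req: CanvasRequest, ctx: AuthContext): Decision {
  const origin = req.isLocalDirect && isLoopback(req.remoteAddress) ? "loopback" : "remote";
  if (hasValidBearer(req, ctx)) return { allowed: true, reason: `bearer token (${origin})` };
  if (hasNodeCanvasCapability(req, ctx)) return { allowed: true, reason: `node canvas capability (${origin})` };
  return { allowed: false, reason: `no valid credential (${origin})` };
}

// Constructed sample context and requests for the demonstration (not real values).
const sampleCtx: AuthContext = {
  bearerToken: "example-token-not-real",
  activeNodeCanvas: new Set(["node-a"]),
};

const loopbackNoCredential: CanvasRequest = { remoteAddress: "127.0.0.1", isLocalDirect: true };
const remoteWithBearer: CanvasRequest = {
  remoteAddress: "203.0.113.7", isLocalDirect: false, authorization: "Bearer example-token-not-real",
};
const loopbackWrongBearer: CanvasRequest = {
  remoteAddress: "::1", isLocalDirect: true, authorization: "Bearer wrong",
};

// Returns, per request, [vulnerable decision, fixed decision].
function demo(): Record<string, [boolean, boolean]> {
  const cases: Record<string, CanvasRequest> = { loopbackNoCredential, remoteWithBearer, loopbackWrongBearer };
  const out: Record<string, [boolean, boolean]> = {};
  for (const [name, req] of Object.entries(cases)) {
    out[name] = [authorizeCanvasVulnerable(req, sampleCtx).allowed, authorizeCanvasFixed(req, sampleCtx).allowed];
  }
  return out;
}

console.table(demo());
```

The table printed by `demo()` shows the defect directly: a credential-less loopback request is allowed only by the vulnerable ordering, while a remote request carrying the correct bearer token is allowed by both. The remediation pattern is the ordering itself: evaluate credentials first and treat network origin as context, not authorization.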


Remediation

Install the security update from the vendor's website.

External links