#VU125240 Improper privilege management in OpenClaw

Published: April 8, 2026


Vulnerability identifier: #VU125240
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-269
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
OpenClaw
Software vendor:
OpenClaw

Description

The vulnerability allows a remote attacker to perform privileged runtime actions without authenticating.

The vulnerability exists due to improper privilege management in the plugin-auth HTTP routes: an unauthenticated request is handled, and privileged runtime actions can be reached, before plugin authentication has completed. A remote unauthenticated attacker can send a request to an affected plugin-auth route and trigger privileged runtime actions.

The issue is limited to plugin routes that actually reach privileged runtime actions before plugin authentication completes; routes that perform no privileged runtime action before authentication completes are not affected.


Remediation

Install the security update from the vendor's website.

External links