OpenClaw Privilege Escalation Vulnerability via Unpaired Device Identity in Shared Gateway Authentication
Vulnerability
A privilege escalation vulnerability has been identified in OpenClaw versions from 2026.2.22 up to, but not including, 2026.2.25. It allows an unpaired device identity to bypass the operator pairing requirement and self-assign elevated operator scopes, including 'operator.admin'. An attacker who already holds valid shared gateway authentication can present a self-signed, unpaired device identity and request and obtain higher operator scopes before pairing approval has been granted.
Impact
Exploitation of this vulnerability allows for unauthorized self-assignment of elevated operator scopes, including administrative privileges, bypassing normal pairing requirements.
Reproduction
To reproduce this vulnerability, first authenticate with a valid shared gateway token. Then, send a WebSocket connection request from an unpaired device identity, including a request for elevated operator scopes such as 'operator.admin'. The absence of a pairing approval will not prevent the assignment of these higher scopes.
Remediation
Users are advised to update to OpenClaw version 2026.2.25 or later, and to require pairing for operator device-identity sessions authenticated with shared token/password auth.
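The scope decision the advisory describes, as an added example that is not OpenClaw's own code: a small TypeScript model of the gateway's scope grant at WebSocket connect time, with the pre-fix behaviour beside the hardened one. The type and function names, the 'operator.read' scope and the shape of the pairing store are assumptions made for illustration.

```typescript
// Added example (not OpenClaw's code): model of the gateway's scope grant.
// All names below are assumptions for illustration.

type AuthMethod = "shared-token" | "shared-password" | "device-key";

interface ConnectRequest {
  auth: AuthMethod;          // how the client authenticated to the gateway
  deviceId: string;          // device identity presented by the client
  requestedScopes: string[]; // scopes the client asks for, e.g. "operator.admin"
}

// Pairing records: deviceId -> scopes an operator approved at pairing time.
type PairingStore = ReadonlyMap<string, readonly string[]>;

interface ScopeDecision {
  granted: string[];
  pairingRequired: boolean;
}

// Vulnerable behaviour described in the advisory: once shared gateway auth
// succeeds, whatever scopes the (possibly unpaired, self-signed) identity
// requests are handed back, with no look at the pairing state.
function grantScopesVulnerable(req: ConnectRequest, _store: PairingStore): ScopeDecision {
  return { granted: [...req.requestedScopes], pairingRequired: false };
}

// Hardened behaviour: a device-identity session that authenticated with a
// shared token/password must be paired first, and even then it receives
// only the scopes that pairing approved, never self-asserted ones.
function grantScopesFixed(req: ConnectRequest, store: PairingStore): ScopeDecision {
  const approved = store.get(req.deviceId);
  const sharedAuth = req.auth === "shared-token" || req.auth === "shared-password";
  if (sharedAuth && approved === undefined) {
    // Unpaired identity on shared auth: nothing until an operator approves pairing.
    return { granted: [], pairingRequired: true };
  }
  const allowed = new Set(approved ?? []);
  return {
    granted: req.requestedScopes.filter((s) => allowed.has(s)),
    pairingRequired: false,
  };
}

// Constructed sample data: one device paired with read-only approval, and a
// self-signed identity that was never paired asking for admin.
const SAMPLE_STORE: PairingStore = new Map([["dev-paired-01", ["operator.read"]]]);
const UNPAIRED_ADMIN_REQUEST: ConnectRequest = {
  auth: "shared-token",
  deviceId: "dev-selfsigned-99",
  requestedScopes: ["operator.read", "operator.admin"],
};
```

Running the same unpaired request through both functions shows the difference: the vulnerable path returns 'operator.admin', the hardened path returns no scopes and flags that pairing approval is required.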