ZeptoClaw Webhook Channel Identity Trust Vulnerability Allowing Message Spoofing and Session Routing Abuse

Vulnerability

A vulnerability exists in ZeptoClaw's generic webhook channel prior to version 0.7.6, where the application trusts caller-supplied identity fields, such as sender and chat_id, from the request body. This trust is misplaced as authentication is optional and defaults to disabled. An attacker who can access the POST /webhook endpoint can spoof an allowlisted sender and select arbitrary chat_id values. This exploitation leads to high-risk message spoofing and potential session routing abuses, similar to IDOR vulnerabilities.

Impact

Exploitation of this vulnerability allows for authentication and authorization bypasses, enabling identity spoofing and cross-chat or session routing control issues via attacker-chosen chat_id values. This could result in unauthorized actions being performed by downstream agents or tools, triggered by the injected payload.

Reproduction

To reproduce this vulnerability, configure the webhook channel with the default settings that leave authentication disabled. Once the application is running, send a POST request to the webhook endpoint with a forged JSON payload that includes a spoofed sender and an arbitrary chat_id. The server will accept the message as if it came from the trusted sender and route it according to the chosen chat_id, demonstrating the vulnerability.

Remediation

Users can update to ZeptoClaw version 0.7.6 or later, where this vulnerability is fixed. After updating, review and adjust the webhook channel configuration to ensure that authentication is enabled and properly managed.
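The following is an added illustration of the two handler patterns the advisory contrasts; it is not ZeptoClaw's code, and the header names, config layout and HMAC scheme are assumptions made for the example. The vulnerable handler takes sender and chat_id from the body; the hardened one derives the sender from a verified caller key, makes authentication mandatory, and checks that chat_id is one the caller is allowed to address.

```python
import hashlib
import hmac
import json

# Constructed sample configuration; ZeptoClaw's real config schema is not
# shown in the advisory. Each webhook caller is a key_id mapped to a fixed
# sender identity, a shared secret, and the set of chat_ids it may address.
CALLERS = {
    "key-1": {"sender": "ops-bot", "secret": b"constructed-secret",
              "chats": {"ops-chat"}},
}
ALLOWLISTED_SENDERS = {"ops-bot"}


def handle_webhook_vulnerable(body: bytes) -> dict:
    """Pre-0.7.6 pattern: identity and routing come straight from the body."""
    msg = json.loads(body)
    if msg.get("sender") not in ALLOWLISTED_SENDERS:
        raise PermissionError("sender not allowlisted")
    # Any client can name an allowlisted sender and any chat_id here.
    return {"sender": msg["sender"], "chat_id": msg["chat_id"], "text": msg["text"]}


def sign_body(secret: bytes, body: bytes) -> str:
    """HMAC-SHA256 over the raw request body, hex-encoded (constructed scheme)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def handle_webhook_hardened(headers: dict, body: bytes) -> dict:
    """Identity comes from the verified key; chat_id must be bound to that key.

    Header names are assumptions for this example. Authentication is
    mandatory: there is no code path that accepts an unsigned request.
    """
    caller = CALLERS.get(headers.get("X-Webhook-Key-Id", ""))
    if caller is None:
        raise PermissionError("unknown or missing key id")
    expected = sign_body(caller["secret"], body)
    presented = headers.get("X-Webhook-Signature", "")
    if not hmac.compare_digest(expected, presented):
        raise PermissionError("signature mismatch")
    msg = json.loads(body)
    chat_id = msg.get("chat_id")
    if chat_id not in caller["chats"]:
        raise PermissionError("chat_id not permitted for this caller")
    # A body-supplied sender is deliberately ignored; the key decides identity.
    return {"sender": caller["sender"], "chat_id": chat_id, "text": msg["text"]}
```

The point to take from the hardened version is that the body is treated as data only: both the sender and the set of permitted chat_ids are looked up from the authenticated caller, so an attacker-chosen sender or chat_id in the JSON has no effect.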

Added: Mar 12, 2026, 7:26 PM
Updated: Mar 12, 2026, 7:26 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 8.7
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.