OpenClaw Authorization Bypass Vulnerability in Gateway Agent RPC Allowing Workspace Boundary Override

Vulnerability

An authorization bypass vulnerability has been identified in OpenClaw versions prior to 2026.3.11. The flaw is in the gateway agent RPC: an authenticated operator holding only the operator.write permission can override the workspace boundary configured by the gateway owner. By supplying attacker-controlled spawnedBy and workspaceDir values in the RPC request, such an operator escapes the configured workspace and can perform arbitrary file and exec operations rooted in any directory the gateway process can access.

Impact

Exploitation allows non-owner operators to bypass the workspace boundary and read, write or execute files and run commands in any directory the gateway process can reach, potentially leading to unauthorized access to or manipulation of files and system resources outside the intended workspace.

Remediation

Users should upgrade to OpenClaw version 2026.3.11 or later. The patched version enforces the configured workspace boundary for agent runs regardless of any spawnedBy or workspaceDir override supplied by the caller.
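
The flaw class described above, as an added illustration written for this page rather than OpenClaw's own code: a vulnerable resolver that lets the RPC request choose the workspace, beside a hardened one that keeps the configured root authoritative. Only the field names spawnedBy and workspaceDir come from the advisory; GatewayConfig, Session, AgentRunRequest, the operator.write scope check and all function names are hypothetical.

```typescript
import { posix as path } from "node:path";

// Added illustration of the flaw class in this advisory, not OpenClaw's code:
// an agent-run RPC whose request can carry spawnedBy / workspaceDir (field
// names from the advisory). Every other name here is assumed for the example.

interface GatewayConfig {
  workspaceRoot: string; // boundary configured by the gateway owner
}

interface Session {
  operatorId: string; // identity established by gateway authentication
  scopes: string[];   // e.g. ["operator.write"]
}

interface AgentRunRequest {
  workspaceDir?: string; // caller-supplied override (the bug)
  spawnedBy?: string;    // caller-supplied owner claim (the bug)
  relPath: string;       // file the agent wants to touch, relative to the workspace
}

interface AgentRun {
  workspaceDir: string;
  target: string;
  spawnedBy: string;
}

class WorkspaceBoundaryError extends Error {
  constructor(message: string) {
    super(message);
    this.name = "WorkspaceBoundaryError";
  }
}

// Vulnerable pattern: whatever the caller puts in the request wins over the
// configured workspace, so an absolute path or a ".." path lands anywhere the
// gateway process can reach, and the owner claim is whatever the caller says.
function resolveRunVulnerable(cfg: GatewayConfig, req: AgentRunRequest, session: Session): AgentRun {
  const workspaceDir = req.workspaceDir ?? cfg.workspaceRoot;
  return {
    workspaceDir,
    target: path.resolve(workspaceDir, req.relPath),
    spawnedBy: req.spawnedBy ?? session.operatorId,
  };
}

// Lexical containment check: the candidate must be the root itself or live
// under it with a separator boundary, so "/srv/ws-evil" is not inside
// "/srv/ws". In production, resolve symlinks (fs.realpath) before this check.
function assertInside(root: string, candidate: string): string {
  const prefix = root.endsWith(path.sep) ? root : root + path.sep;
  if (candidate === root || candidate.startsWith(prefix)) return candidate;
  throw new WorkspaceBoundaryError(`${candidate} escapes workspace ${root}`);
}

// Hardened pattern: the configured root is authoritative. A caller may only
// narrow the workspace to a subdirectory, the target must stay inside it, and
// spawnedBy is taken from the authenticated session, never from the request.
function resolveRunHardened(cfg: GatewayConfig, req: AgentRunRequest, session: Session): AgentRun {
  if (!session.scopes.includes("operator.write")) {
    throw new Error("operator.write scope required");
  }
  const root = path.resolve(cfg.workspaceRoot);
  const workspaceDir = req.workspaceDir === undefined
    ? root
    : assertInside(root, path.resolve(root, req.workspaceDir));
  const target = assertInside(workspaceDir, path.resolve(workspaceDir, req.relPath));
  return { workspaceDir, target, spawnedBy: session.operatorId };
}
```

With a configured root of /srv/ws, the vulnerable resolver turns a request of workspaceDir "/" plus relPath "etc/passwd" into /etc/passwd, while the hardened one rejects that request, a relPath of ../../etc/passwd, and a sibling directory such as /srv/ws-evil, and still accepts a narrowing override like workspaceDir "sub". The check is purely lexical; a deployment that allows symlinks inside the workspace must canonicalize both root and candidate with fs.realpath before comparing.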

Added: Mar 29, 2026, 1:20 PM
Updated: Mar 29, 2026, 1:20 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 5.2
remediation: 0.0
relevance: 4.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.