OpenClaw Insufficient Scope Validation in Node Pairing Approval Path Vulnerability
Vulnerability
A vulnerability allowing low-privilege operators to approve nodes with broader scopes has been identified in OpenClaw versions prior to 2026.3.28. This issue arises from inadequate validation of callerScopes in the node pairing approval process, enabling operators to extend privileges on paired nodes beyond their authorized levels.
Impact
Exploitation of this vulnerability allows low-privilege operators to approve node pairing requests with elevated scopes, thereby extending unauthorized privileges on the paired nodes.
Reproduction
To reproduce this vulnerability, a low-privilege operator calls the 'node.pair.approve' method (handled in the node-pairing.ts file) without holding the scopes the approval requires, such as 'operator.write'. Because callerScopes is not validated on this path, the approval succeeds and the paired node receives broader privileges than the operator is authorized to grant.
Remediation
Users can upgrade to OpenClaw version 2026.3.28 or later, where this vulnerability has been patched.
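The authorization check at issue, as an added illustration that is not OpenClaw's own code: a hypothetical approval handler in the shape of the vulnerable path, beside a hardened form that requires 'operator.write' and refuses to grant any scope the caller does not hold itself. The subset rule is this example's assumption about what a correct fix enforces, and every scope name other than 'operator.write' is constructed.

```typescript
// Added example, not OpenClaw's code. PairingRequest, ApprovalResult and the
// approveNodePairing* functions are hypothetical names for illustration.
interface PairingRequest {
  nodeId: string;
  requestedScopes: string[]; // scopes the node would hold once paired
}

interface ApprovalResult {
  ok: boolean;
  grantedScopes: string[];
  reason?: string;
}

// Vulnerable shape: the request is trusted and callerScopes is never consulted,
// so any operator can approve a node with any scope it asks for.
function approveNodePairingVulnerable(req: PairingRequest, _callerScopes: string[]): ApprovalResult {
  return { ok: true, grantedScopes: req.requestedScopes.slice() };
}

// Hardened shape: the caller must hold the approval scope ('operator.write', as the
// advisory names it) and may not grant a scope it does not hold itself (assumption).
function approveNodePairing(req: PairingRequest, callerScopes: string[]): ApprovalResult {
  const has = (scope: string): boolean => callerScopes.indexOf(scope) !== -1;
  if (!has("operator.write")) {
    return { ok: false, grantedScopes: [], reason: "caller lacks operator.write" };
  }
  const excess = req.requestedScopes.filter((s) => !has(s));
  if (excess.length > 0) {
    return { ok: false, grantedScopes: [], reason: "requested scopes exceed caller's: " + excess.join(", ") };
  }
  return { ok: true, grantedScopes: req.requestedScopes.slice() };
}

// Demo with constructed scope names: a caller holding only a read scope tries to
// approve a node with a broader (constructed) admin scope on both paths.
function demoPairingApproval(): { vulnerable: ApprovalResult; hardened: ApprovalResult } {
  const lowPrivCaller = ["operator.read"];
  const req: PairingRequest = { nodeId: "node-01", requestedScopes: ["operator.admin"] };
  return {
    vulnerable: approveNodePairingVulnerable(req, lowPrivCaller),
    hardened: approveNodePairing(req, lowPrivCaller),
  };
}
```

The `reason` string on a rejected approval is the value worth logging: rejections that name excess scopes are the signal a defender would want to alert on.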