OpenClaw Privilege Escalation Vulnerability in Gateway Plugin Subagent DeleteSession Function
Vulnerability
A privilege escalation vulnerability has been identified in OpenClaw versions prior to 2026.3.25. The issue resides in the gateway plugin subagent fallback deleteSession function: when it is invoked without a request-scoped client, it substitutes a synthetic operator.admin runtime scope instead of failing closed. Because the authority is fabricated rather than derived from the caller, a deleteSession call that lacks a request-scoped client runs as an administrative operation the caller was never granted, and the session is deleted regardless of the caller's real scopes.
Impact
A caller who can reach the fallback deleteSession path can delete sessions, an operator.admin operation, without holding that scope. This is a privilege escalation: the effective authority of the call exceeds whatever its request-scoped client (if one exists at all) was actually granted, so administrative actions execute without proper authorization.
Reproduction
Invoke deleteSession through the gateway plugin subagent fallback context without supplying a request-scoped client. On affected versions the fallback does not reject the call; it constructs a synthetic operator.admin scope and proceeds with the deletion, so the normal scope check never sees the caller's real (or absent) authorization and the session is removed. After upgrading, re-run the same invocation: it must no longer complete with synthesized administrative scope.
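To make the failure mode concrete, the following TypeScript is an added illustration of the pattern the advisory describes; it is not OpenClaw's code. The session store, the scope names other than operator.admin, and the function names are assumptions. The vulnerable variant fabricates an operator.admin client whenever no request-scoped client is bound, so the scope check passes for a caller that proved nothing; the hardened variant takes authority only from the real client and treats a missing client as a hard failure.

```typescript
// Added illustration, not OpenClaw's code. The store, the scope names other
// than "operator.admin", and every function name here are assumptions chosen
// to show the pattern the advisory describes: a fallback path that fabricates
// administrative authority when no request-scoped client is present.

type Scope = "operator.read" | "operator.write" | "operator.admin";

// The client bound to an incoming request, carrying the scopes it was granted.
interface RequestClient {
  id: string;
  scopes: readonly Scope[];
}

interface SessionStore {
  sessions: Map<string, { owner: string }>;
}

class AuthorizationError extends Error {
  constructor(message: string) {
    super(message);
    this.name = "AuthorizationError";
    // Keep instanceof working regardless of the compile target.
    Object.setPrototypeOf(this, AuthorizationError.prototype);
  }
}

// Constructed sample state: two sessions owned by different clients.
function createSampleStore(): SessionStore {
  return {
    sessions: new Map([
      ["sess-a", { owner: "client-1" }],
      ["sess-b", { owner: "client-2" }],
    ]),
  };
}

function hasScope(client: RequestClient, scope: Scope): boolean {
  return client.scopes.includes(scope);
}

// VULNERABLE pattern: when the fallback runs without a request-scoped client,
// a synthetic operator.admin client is substituted, so the scope check below
// passes for a caller who never demonstrated any authority at all.
function deleteSessionVulnerable(
  store: SessionStore,
  sessionId: string,
  client?: RequestClient,
): boolean {
  const effective: RequestClient =
    client ?? { id: "synthetic-runtime", scopes: ["operator.admin"] };
  if (!hasScope(effective, "operator.admin")) {
    throw new AuthorizationError("operator.admin scope required");
  }
  return store.sessions.delete(sessionId);
}

// HARDENED pattern: authority is only ever taken from the real request-scoped
// client. A missing client is a hard failure, never a reason to escalate.
function deleteSessionHardened(
  store: SessionStore,
  sessionId: string,
  client?: RequestClient,
): boolean {
  if (!client) {
    throw new AuthorizationError("deleteSession requires a request-scoped client");
  }
  if (!hasScope(client, "operator.admin")) {
    throw new AuthorizationError(`client ${client.id} lacks operator.admin`);
  }
  return store.sessions.delete(sessionId);
}

// Runs the same client-less call against both variants and reports the
// outcome, so the difference is observable without any external harness.
function compareFallbacks(
  sessionId: string,
): { vulnerableDeleted: boolean; hardenedRejected: boolean } {
  const vulnStore = createSampleStore();
  const vulnerableDeleted = deleteSessionVulnerable(vulnStore, sessionId);

  const hardStore = createSampleStore();
  let hardenedRejected = false;
  try {
    deleteSessionHardened(hardStore, sessionId);
  } catch (e) {
    // Rejected only counts if the session is still there afterwards.
    hardenedRejected =
      e instanceof AuthorizationError && hardStore.sessions.has(sessionId);
  }
  return { vulnerableDeleted, hardenedRejected };
}
```

The design point is that the absence of a caller is never evidence of authority. A fallback that must run without a bound client should either refuse privileged operations outright or be handed an explicit, narrowly scoped credential by whoever set up that context; synthesizing operator.admin on the spot turns every unauthenticated reach of the code path into an administrative action.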
Remediation
Upgrade to OpenClaw 2026.3.25 or later, which fixes this issue.
