OpenClaw Trust-Decline Vulnerability in Remote Onboarding Process
Vulnerability
A trust-decline vulnerability has been identified in OpenClaw versions prior to 2026.3.31. In affected versions, the remote onboarding flow retains endpoints discovered during onboarding even after the operator has declined to trust them. A declined URL can therefore re-emerge in a later manual prompt that asks for operator approval, and if it is approved there, gateway credentials are routed to the attacker-controlled endpoint the operator had already refused.
Impact
An attacker who can place an endpoint into the discovery step can use this flaw to capture gateway credentials when the operator approves the re-surfaced URL. With those credentials the attacker can reach or manipulate gateway functions remotely. The decline itself gives no protection, because the decision is recorded but not enforced against the retained endpoint list.
Reproduction
To reproduce this vulnerability, start a remote onboarding process in an affected version of OpenClaw and, during the discovery step, introduce an attacker-controlled endpoint. When that endpoint is presented, decline trust for its URL. Because the declined endpoint is still retained, it is offered again in a subsequent manual prompt that requires operator acceptance; accepting it there routes the gateway credentials to the declined URL, bypassing the earlier trust decline.
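The following TypeScript is an added illustration and is not OpenClaw's code. It models an onboarding session with assumed names (`discover`, `declineVulnerable`, `declineFixed`, `manualPromptVulnerable`, `manualPromptFixed`, `routeCredential`, `reproduce`) and constructed hostnames, then walks the reproduction steps above twice: once with the flawed behaviour, where the decline is recorded but the endpoint stays in the discovered list that feeds the prompt, and once with a corrected behaviour that drops declined endpoints, filters the prompt, and re-checks the decline before any credential is routed. The canonical-URL step is an added caveat of mine: comparing raw strings would let a trailing slash, an uppercase host or an explicit default port slip past the decline.

```typescript
// Added illustration of the trust-decline flaw described above. NOT OpenClaw's
// code: the session model, function names and hostnames are assumptions.

type Endpoint = { url: string; source: "discovery" | "manual" };

interface OnboardingSession {
  discovered: Map<string, Endpoint>;                  // keyed by canonical URL
  declined: Set<string>;                              // canonical URLs the operator refused
  routed: Array<{ url: string; credential: string }>; // where credentials were sent
}

// Canonicalise so "https://EVIL.example:443/gateway" and "https://evil.example/gateway/"
// collapse to one key; otherwise cosmetic variants would dodge the decline.
function canonical(url: string): string {
  const u = new URL(url);
  const path = u.pathname === "/" ? "" : u.pathname.replace(/\/+$/, "");
  return u.origin + path;
}

function newSession(): OnboardingSession {
  return { discovered: new Map(), declined: new Set(), routed: [] };
}

function discover(s: OnboardingSession, url: string, source: Endpoint["source"] = "discovery"): void {
  const key = canonical(url);
  s.discovered.set(key, { url: key, source });
}

// VULNERABLE decline: records the decision but leaves the endpoint in the
// discovered list, so any later prompt built from that list still offers it.
function declineVulnerable(s: OnboardingSession, url: string): void {
  s.declined.add(canonical(url));
}

// FIXED decline: the endpoint is removed from the structure that feeds prompts.
function declineFixed(s: OnboardingSession, url: string): void {
  const key = canonical(url);
  s.declined.add(key);
  s.discovered.delete(key);
}

// The manual-approval prompt lists candidate gateways for the operator.
// VULNERABLE: candidates come straight from the discovered map.
function manualPromptVulnerable(s: OnboardingSession): string[] {
  return Array.from(s.discovered.keys());
}

// FIXED: candidates are also filtered against the decline set, so an endpoint
// re-presented after the decline (e.g. with a different spelling) stays hidden.
function manualPromptFixed(s: OnboardingSession): string[] {
  return Array.from(s.discovered.keys()).filter((u) => !s.declined.has(u));
}

// Credential routing. With enforceDecline=true the decline set is re-checked as
// defence in depth, so even a stale prompt cannot send credentials to a declined URL.
function routeCredential(s: OnboardingSession, url: string, credential: string, enforceDecline: boolean): boolean {
  const key = canonical(url);
  if (enforceDecline && s.declined.has(key)) return false;
  s.routed.push({ url: key, credential });
  return true;
}

// Walk the reproduction steps under both behaviours and report whether the
// declined URL ended up receiving the gateway credential.
function reproduce(fixed: boolean): { prompt: string[]; leaked: boolean } {
  const s = newSession();
  const legit = "https://gateway.internal.example:8443/"; // constructed, not a real host
  const attacker = "https://evil.example/gateway/";        // constructed, not a real host
  discover(s, legit);
  discover(s, attacker);
  (fixed ? declineFixed : declineVulnerable)(s, attacker);
  // The attacker re-presents the same endpoint with cosmetic differences.
  discover(s, "https://EVIL.example:443/gateway", "manual");
  const prompt = fixed ? manualPromptFixed(s) : manualPromptVulnerable(s);
  // Simulate an operator who approves the re-surfaced URL if it is offered.
  const chosen = prompt.includes(canonical(attacker)) ? canonical(attacker) : prompt[0];
  routeCredential(s, chosen, "gw-secret", fixed);
  const leaked = s.routed.some((r) => r.url === canonical(attacker));
  return { prompt, leaked };
}

console.log("vulnerable:", reproduce(false)); // leaked: true
console.log("fixed:", reproduce(true));       // leaked: false
```

The point to take from the two runs is that a decline must act on the data structure the prompt is built from, not only on a side list of decisions; and that routing should re-check the decline independently, so a bug in prompt construction cannot by itself leak the credential.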
Remediation
Update to OpenClaw version 2026.3.31 or later, where the onboarding flow no longer retains declined endpoints. Operators who completed remote onboarding on an affected version and declined an endpoint during that session should treat the gateway credentials entered in that session as potentially exposed and rotate them.