OpenClaw Remote Code Execution Vulnerability via Node Scope Gate Bypass

Vulnerability

A remote code execution vulnerability exists in OpenClaw versions prior to 2026.3.31. A device-paired node can bypass the node scope gate authentication, so an attacker holding device pairing credentials can execute arbitrary node commands on the host system because node pairing is not properly validated.

Impact

Exploitation of this vulnerability allows arbitrary code execution on the host system.

Reproduction

To reproduce this vulnerability, first pair a node device with the OpenClaw application. Once paired, the node can bypass the authentication mechanism of the node scope gate. An attacker can then execute commands on the host system through the node, since the node pairing is never validated.

Remediation

Users should update to OpenClaw version 2026.3.31 or later to address this vulnerability.

Added: Apr 23, 2026, 10:26 PM
Updated: Apr 23, 2026, 10:26 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.3
remediation: 0.0
relevance: 6.5
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.