OpenClaw Privilege Escalation Vulnerability in Telegram Integration
Vulnerability
A privilege escalation vulnerability has been identified in OpenClaw versions prior to 2026.3.28. This vulnerability allows authenticated operators with write permissions to access sensitive administrative Telegram configuration and cron persistence settings through the send endpoint. Exploitation of this vulnerability could lead to unauthorized modifications of important administrative functions and persistence mechanisms.
Impact
Exploitation of this vulnerability allows operators with write permissions to access and modify admin-level Telegram configuration and cron persistence settings, potentially leading to unauthorized changes in how tasks are scheduled and managed within the application.
Reproduction
To reproduce this vulnerability, an authenticated operator with write permissions sends a request to the send endpoint that includes a `gatewayClientScopes` parameter containing the `operator.write` scope. Because the endpoint honors this client-supplied scope list instead of the operator's actual authorization, the request bypasses the normal access controls and lets the operator modify admin-level Telegram and cron settings.
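The pattern the advisory describes, an endpoint that lets the caller's own request body influence which scopes apply, is illustrated below with an added example. This is not OpenClaw code and does not reflect how its send endpoint is implemented; the session store, the `operator.admin` scope, the target names, the handler shapes and the log lines are all constructed assumptions chosen only to show the bug class beside its fix. The hardened handler derives effective scopes solely from the authenticated session and rejects any client-supplied `gatewayClientScopes`, and a small log filter shows how a defender could spot send requests that carry that parameter from sessions lacking admin rights.

```python
"""Added illustration (not OpenClaw code): request-supplied scopes must never
feed an authorization decision.  All names, stores and log lines below are
constructed for the example."""
import json
from dataclasses import dataclass, field

# Hypothetical scope names. 'operator.write' is named in the advisory;
# 'operator.admin' is an assumed admin-level scope guarding Telegram/cron config.
ADMIN_SCOPE = "operator.admin"

# Assumed mapping from send-endpoint target to the scope it requires.
REQUIRED_SCOPE = {
    "telegram.config": ADMIN_SCOPE,   # admin-level Telegram configuration
    "cron.persistence": ADMIN_SCOPE,  # cron persistence settings
    "message": "operator.write",      # ordinary outbound message
}

# Constructed session store: token -> scopes granted at authentication time.
SESSIONS = {
    "tok-operator": frozenset({"operator.write"}),
    "tok-admin": frozenset({"operator.write", ADMIN_SCOPE}),
}


@dataclass
class Request:
    token: str
    target: str
    body: dict = field(default_factory=dict)


def _authorize(scopes, target):
    """Shared check: the target's required scope must be in the session's scopes."""
    needed = REQUIRED_SCOPE.get(target)
    if needed is None:
        return (404, "unknown target")
    if needed not in scopes:
        return (403, f"missing scope {needed}")
    return (200, f"{target} updated")


def vulnerable_send(req):
    """Vulnerable pattern (assumed shape of the bug class): a request that
    declares operator.write in gatewayClientScopes is treated as a trusted
    gateway-client call and skips the admin check for sensitive targets."""
    session_scopes = SESSIONS.get(req.token)
    if session_scopes is None:
        return (401, "unauthenticated")
    declared = set(req.body.get("gatewayClientScopes", []))
    # BUG: the client's own declaration decides which check applies.
    if "operator.write" in declared and "operator.write" in session_scopes:
        return (200, f"{req.target} updated")
    return _authorize(session_scopes, req.target)


def hardened_send(req):
    """Hardened pattern: effective scopes come only from the authenticated
    session; a client-supplied scope list is rejected outright."""
    if "gatewayClientScopes" in req.body:
        return (400, "gatewayClientScopes is not accepted from clients")
    session_scopes = SESSIONS.get(req.token)
    if session_scopes is None:
        return (401, "unauthenticated")
    return _authorize(session_scopes, req.target)


# Constructed request log, one JSON object per line (not a real OpenClaw log format).
SAMPLE_LOG = [
    '{"endpoint":"send","token":"tok-operator","target":"telegram.config",'
    '"body":{"gatewayClientScopes":["operator.write"]}}',
    '{"endpoint":"send","token":"tok-operator","target":"message","body":{}}',
    '{"endpoint":"send","token":"tok-admin","target":"cron.persistence","body":{}}',
]


def find_scope_escalation_attempts(lines):
    """Return the admin-level targets that non-admin sessions tried to reach
    while supplying gatewayClientScopes: the signature of the bypass above."""
    hits = []
    for line in lines:
        rec = json.loads(line)
        if rec.get("endpoint") != "send":
            continue
        if "gatewayClientScopes" not in rec.get("body", {}):
            continue
        target = rec.get("target")
        granted = SESSIONS.get(rec.get("token"), frozenset())
        if REQUIRED_SCOPE.get(target) == ADMIN_SCOPE and ADMIN_SCOPE not in granted:
            hits.append(target)
    return hits


if __name__ == "__main__":
    escalated = Request("tok-operator", "telegram.config",
                        {"gatewayClientScopes": ["operator.write"]})
    print("vulnerable:", vulnerable_send(escalated))   # (200, ...) with the bug
    print("hardened:  ", hardened_send(escalated))     # (400, ...) rejected
    print("flagged:   ", find_scope_escalation_attempts(SAMPLE_LOG))
```

The fix is less about the particular parameter name than about provenance: anything the client sends is input, and the set of scopes a principal holds belongs to the session established at authentication, so the handler should not read scopes from the body at all. Rejecting the parameter with a 400 rather than silently ignoring it also makes the attempts visible in request logs, which is what the filter keys on.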
Remediation
Update to OpenClaw version 2026.3.28 or later, which addresses this vulnerability.
