OpenClaw Webhook Replay Vulnerability in Plivo V3 Signature Verification

Vulnerability

A webhook replay vulnerability has been identified in OpenClaw versions prior to 2026.3.28. The Plivo V3 signature verification path canonicalizes the order of query parameters before checking the signature, but the replay cache is keyed on a hash of the raw URL exactly as received. A request whose query parameters have been reordered therefore still carries a valid signature while hashing to a replay-cache key the server has never seen. An attacker holding one captured, validly signed webhook can resubmit it with the parameters reordered, bypass replay detection, and trigger duplicate voice-call processing.

Impact

An attacker who has captured a validly signed Plivo V3 webhook can replay it with its query parameters reordered, bypass the replay cache, and cause the voice call it describes to be processed more than once. The attacker needs only a copy of a legitimate signed request, not the signing secret, since the signature itself is never altered.
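The mismatch described in the Vulnerability and Impact sections above, as an added example that is not OpenClaw's code and not Plivo's reference implementation. It models a V3-style signature as base64(HMAC-SHA256(auth token, canonical URL + nonce)); the exact Plivo construction is simplified, and the auth token, nonce and webhook URLs are constructed for the demo. The vulnerable handler keys its replay cache on a hash of the raw URL, the hardened one on the same canonical form the signature covers; the same captured request is then replayed verbatim, reordered, and tampered against both.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed demo secret; a real deployment would use the Plivo auth token.
AUTH_TOKEN = b"constructed-demo-auth-token"

# Constructed sample webhook URLs: the same parameters in two orders, plus one altered value.
ORIGINAL_URL = "https://agent.example/webhooks/plivo/voice?CallUUID=abc123&From=15550000001&To=15550000002"
REORDERED_URL = "https://agent.example/webhooks/plivo/voice?To=15550000002&CallUUID=abc123&From=15550000001"
TAMPERED_URL = "https://agent.example/webhooks/plivo/voice?CallUUID=abc123&From=15550000001&To=15550000099"
NONCE = "constructed-nonce-1"


def canonical_url(url: str) -> str:
    """Sort the query parameters by name so equivalent URLs collapse to one string."""
    parts = urlsplit(url)
    query = urlencode(sorted(parse_qsl(parts.query, keep_blank_values=True)))
    return urlunsplit((parts.scheme, parts.netloc, parts.path, query, ""))


def sign_v3(url: str, nonce: str, auth_token: bytes = AUTH_TOKEN) -> str:
    """Simplified model of a V3-style signature over the canonical URL and nonce (assumption)."""
    msg = (canonical_url(url) + nonce).encode()
    return base64.b64encode(hmac.new(auth_token, msg, hashlib.sha256).digest()).decode()


def verify_v3(url: str, nonce: str, signature: str, auth_token: bytes = AUTH_TOKEN) -> bool:
    """Constant-time comparison against the signature recomputed over the canonical URL."""
    return hmac.compare_digest(sign_v3(url, nonce, auth_token), signature)


def raw_url_replay_key(url: str, nonce: str) -> str:
    """Vulnerable: the replay cache is keyed on the URL exactly as received."""
    return url


def canonical_replay_key(url: str, nonce: str) -> str:
    """Hardened: key on the same canonical form the signature covers, plus the nonce."""
    return canonical_url(url) + "\n" + nonce


class VoiceWebhookHandler:
    """Verifies the signature, then consults a replay cache built from replay_key."""

    def __init__(self, replay_key):
        self.replay_key = replay_key
        self.seen = set()
        self.calls_processed = 0

    def handle(self, url: str, nonce: str, signature: str) -> str:
        if not verify_v3(url, nonce, signature):
            return "rejected: bad signature"
        # Both variants hash the key; only what goes into the hash differs.
        key = hashlib.sha256(self.replay_key(url, nonce).encode()).hexdigest()
        if key in self.seen:
            return "rejected: replay"
        self.seen.add(key)
        self.calls_processed += 1
        return "processed"


def demo() -> dict:
    """Replay one captured signed webhook verbatim, reordered, and tampered against both handlers."""
    signature = sign_v3(ORIGINAL_URL, NONCE)  # the captured, valid signature
    results = {}
    for name, key_fn in (("vulnerable", raw_url_replay_key), ("fixed", canonical_replay_key)):
        handler = VoiceWebhookHandler(key_fn)
        results[name] = [
            handler.handle(ORIGINAL_URL, NONCE, signature),   # first delivery
            handler.handle(ORIGINAL_URL, NONCE, signature),   # verbatim replay
            handler.handle(REORDERED_URL, NONCE, signature),  # reordered replay
            handler.handle(TAMPERED_URL, NONCE, signature),   # altered value
        ]
        results[name + "_calls"] = handler.calls_processed
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The vulnerable handler processes the reordered replay as a new call (two calls processed from one capture); the hardened handler rejects it because the canonical key matches the first delivery. The altered URL is rejected by both, which is the point: the signature is sound, and the flaw is purely that replay detection looked at a different representation of the request than the signature did. Any replay key must cover every input the signature covers, in the same canonical form, and for POST webhooks that includes the body.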

Remediation

Users can upgrade to OpenClaw version 2026.3.28 or later to address this vulnerability.

Added: Apr 28, 2026, 9:13 PM
Updated: Apr 28, 2026, 9:13 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 6.0
remediation: 0.0
relevance: 6.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.