OpenClaw Improper Authorization Vulnerability in Node Pair Approval via Operator Write Scope
Vulnerability
OpenClaw versions prior to 2026.4.8 improperly authorize pairing approvals in the node.pair.approve method. Instead of requiring the dedicated, more restrictive operator.pairing scope, the method accepts the broad operator.write scope. Any operator whose token carries operator.write can therefore approve a pending node pairing request even though they were never granted pairing authority, which can admit an unauthorized node and grant unauthorized access to exec-capable nodes. The flaw is a scope-mapping error in the authorization check, not a missing check: the method is gated, but on a scope that is far more widely held than pairing approval warrants.
Impact
A caller holding operator.write but not operator.pairing can approve node pairing, bypassing the intended authorization boundary and potentially gaining unauthorized access to exec-capable nodes.
Reproduction
A caller authenticated with a token that carries operator.write but not operator.pairing invokes node.pair.approve against a pending pairing request. On affected versions the request is approved, bypassing the intended restriction and allowing access to exec-capable nodes. On a fixed version the same call should be rejected for lack of operator.pairing, which is the check to run after upgrading.
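The scope check described in the Vulnerability and Reproduction sections, modelled as an added TypeScript example. This is not OpenClaw's own code: only the method name node.pair.approve and the scope names operator.write and operator.pairing come from the advisory; the policy tables, token shape, pending-request store and node identifiers are assumptions made for illustration. The same request is run against a vulnerable policy (approval gated on operator.write) and a fixed policy (approval gated on operator.pairing).

```typescript
// Illustrative model of scope-gated RPC authorization (not OpenClaw's code).
// Scope and method names follow the advisory; everything else is assumed.

type Scope = "operator.read" | "operator.write" | "operator.pairing";

interface OperatorToken {
  subject: string;
  scopes: ReadonlySet<Scope>;
}

interface PairingRequest {
  nodeId: string;
  execCapable: boolean; // node can run commands once paired (hypothetical flag)
  approved: boolean;
}

type ScopePolicy = Readonly<Record<string, Scope>>;

// Vulnerable mapping: approving a pairing only needs the broad write scope.
const VULNERABLE_POLICY: ScopePolicy = {
  "node.pair.list": "operator.read",
  "node.pair.approve": "operator.write",
};

// Fixed mapping: approving a pairing needs the dedicated pairing scope.
const FIXED_POLICY: ScopePolicy = {
  "node.pair.list": "operator.read",
  "node.pair.approve": "operator.pairing",
};

// Default-deny: a method with no policy entry is never authorized.
function isAuthorized(policy: ScopePolicy, method: string, token: OperatorToken): boolean {
  const required = policy[method];
  return required !== undefined && token.scopes.has(required);
}

type ApproveResult = "approved" | "denied" | "not-found";

// Approves a pending pairing request if the caller holds the scope the policy demands.
// The scope check runs before the lookup so an unauthorized caller cannot use
// "denied" vs "not-found" as an oracle for which node IDs are pending.
function approvePairing(
  policy: ScopePolicy,
  token: OperatorToken,
  pending: Map<string, PairingRequest>,
  nodeId: string,
): ApproveResult {
  if (!isAuthorized(policy, "node.pair.approve", token)) return "denied";
  const req = pending.get(nodeId);
  if (req === undefined) return "not-found";
  req.approved = true;
  return "approved";
}

// Constructed sample data: one pending exec-capable node (hypothetical ID).
function makePending(): Map<string, PairingRequest> {
  return new Map<string, PairingRequest>([
    ["node-exec-01", { nodeId: "node-exec-01", execCapable: true, approved: false }],
  ]);
}

// Constructed callers: one holds only read/write, the other holds the pairing scope.
const writeOnlyOperator: OperatorToken = {
  subject: "alice",
  scopes: new Set<Scope>(["operator.read", "operator.write"]),
};
const pairingOperator: OperatorToken = {
  subject: "bob",
  scopes: new Set<Scope>(["operator.pairing"]),
};

// Runs the same approval request under both policies and reports each outcome.
function demo(): { vulnerable: ApproveResult; fixed: ApproveResult; fixedWithPairing: ApproveResult } {
  return {
    vulnerable: approvePairing(VULNERABLE_POLICY, writeOnlyOperator, makePending(), "node-exec-01"),
    fixed: approvePairing(FIXED_POLICY, writeOnlyOperator, makePending(), "node-exec-01"),
    fixedWithPairing: approvePairing(FIXED_POLICY, pairingOperator, makePending(), "node-exec-01"),
  };
}

console.log(demo());
```

Under the vulnerable policy the write-only caller's approval succeeds; under the fixed policy it is denied while a caller that actually holds operator.pairing still succeeds. The design point is that a privileged action should be gated on a scope that names that action, not on a general-purpose write scope that many operators hold for unrelated reasons.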
Remediation
Upgrade to OpenClaw version 2026.4.8 or later. Until the upgrade is in place, treat operator.write as equivalent to pairing approval authority: limit who holds it, and review node pairings approved while an affected version was running, particularly those involving exec-capable nodes.
