TROYANOSYVIRUS
Volver a CVEs

CVE-2026-41299

HIGH
7.1

Descripcion

OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the chat.send gateway method where ACP-only provenance fields are gated by self-declared client metadata from WebSocket handshake rather than verified authorization state. Authenticated operator clients can spoof ACP identity labels and inject reserved provenance fields intended only for the ACP bridge by manipulating client metadata during connection.

Detalles CVE

Puntuacion CVSS v3.17.1
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado4/21/2026
Ultima modificacion4/21/2026
Fuentenvd
Avistamientos honeypot0

Debilidades (CWE)

CWE-807

Referencias

https://github.com/openclaw/openclaw/security/advisories/GHSA-6xg4-82hv-cp6f(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/openclaw-client-identity-spoofing-in-chat-send-gateway-provenance-guard(disclosure@vulncheck.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.