CVE-2026-22172
Received Received - Intake
Authorization Bypass in OpenClaw WebSocket Enables Admin Access

Publication date: 2026-03-20

Last updated on: 2026-03-24

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.3.12 contain an authorization bypass vulnerability in the WebSocket connect path that allows shared-token or password-authenticated connections to self-declare elevated scopes without server-side binding. Attackers can exploit this logic flaw to present unauthorized scopes such as operator.admin and perform admin-only gateway operations.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-20
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-20
EPSS Evaluated
2026-06-15
NVD
CVE-2026-22172
EUVD
EUVD-2026-13704
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.3.12 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-22172 is a critical authorization bypass vulnerability in OpenClaw versions prior to 2026.3.12 affecting the WebSocket connection path.

The flaw allows shared-token or password-authenticated WebSocket connections to self-declare elevated scopes without proper server-side binding.

Attackers can exploit this logic flaw to present unauthorized scopes such as operator.admin, enabling them to perform admin-only gateway operations without proper authorization.

Impact Analysis

This vulnerability allows attackers to escalate their privileges by self-declaring elevated scopes, such as operator.admin, on the OpenClaw gateway.

As a result, unauthorized users can perform administrative operations on the gateway, potentially compromising the confidentiality, integrity, and availability of the system.

Because the attack requires only low privileges and no user interaction, it can be exploited remotely over the network, making it highly dangerous.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate the CVE-2026-22172 vulnerability, you should upgrade OpenClaw to version 2026.3.12 or later, where the issue has been fixed.

The fix involves clearing unbound scopes for non-Control-UI shared-auth connections and adding regression tests to prevent this authorization bypass.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22172. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart