Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-31998 is an authorization bypass vulnerability in OpenClaw versions 2026.2.22 and 2026.2.23, specifically affecting the Synology Chat channel plugin. When the direct message policy (dmPolicy) is set to "allowlist" but the allowedUserIds list is empty, the system incorrectly fails open, allowing unauthorized users to send messages.'}, {'type': 'paragraph', 'content': 'This means that attackers who have Synology sender access can bypass authorization checks and trigger unauthorized agent dispatches and downstream tool actions, despite not being explicitly allowed.'}, {'type': 'paragraph', 'content': 'The root cause is that an empty allowlist was treated as allowing all users, instead of blocking all users, which is a failure of proper access control.'}] [1, 2, 3, 4]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can allow attackers with Synology sender access to bypass authorization controls and perform unauthorized actions within the OpenClaw system.

• Attackers can dispatch agents without permission.
• They can trigger downstream tool actions that should be restricted.

Such unauthorized actions could lead to misuse of system resources, potential data exposure, or disruption of normal operations.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'Detection of this vulnerability involves checking the configuration of the synology-chat channel plugin in OpenClaw, specifically the dmPolicy setting and the allowedUserIds list.'}, {'type': 'list_item', 'content': 'Verify if dmPolicy is set to "allowlist".'}, {'type': 'list_item', 'content': 'Check if the allowedUserIds list is empty or unset.'}, {'type': 'paragraph', 'content': 'If dmPolicy is "allowlist" and allowedUserIds is empty, the system is vulnerable because it fails open, allowing unauthorized access.'}, {'type': 'paragraph', 'content': 'Since the vulnerability relates to configuration, you can detect it by inspecting the plugin configuration files or querying the plugin settings.'}, {'type': 'paragraph', 'content': 'No specific network or system commands are provided in the resources, but a practical approach would be to use commands or scripts to extract and verify the dmPolicy and allowedUserIds values from the OpenClaw configuration or plugin settings.'}] [2, 3, 4]

Useful 0 Not Useful 0

Mitigation Strategies

[{'type': 'paragraph', 'content': 'The immediate mitigation steps are to update OpenClaw to version 2026.2.24 or later, where the vulnerability has been fixed.'}, {'type': 'paragraph', 'content': 'If updating is not immediately possible, ensure that the dmPolicy is not set to "allowlist" with an empty allowedUserIds list.'}, {'type': 'list_item', 'content': 'Configure allowedUserIds with explicit user IDs to avoid an empty allowlist.'}, {'type': 'list_item', 'content': 'Alternatively, change dmPolicy to "open" to allow all users if that fits your security requirements.'}, {'type': 'paragraph', 'content': 'These steps prevent unauthorized users from bypassing authorization checks and triggering unauthorized actions.'}] [1, 2, 3, 4]

Useful 0 Not Useful 0