Executive Summary

CVE-2026-35657 is an authorization bypass vulnerability in OpenClaw versions prior to 2026.3.25. It exists in the HTTP endpoint `/sessions/:sessionKey/history`, where the system fails to properly enforce the `operator.read` scope validation.

Because of this flaw, attackers with limited privileges can access session history data without having the necessary operator read permissions by sending crafted HTTP requests to the vulnerable endpoint.

This vulnerability is classified under CWE-863 (Incorrect Authorization) and CWE-639 (Authorization Bypass Through User-Controlled Key), indicating improper authorization checks and failure to prevent unauthorized data access.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows unauthorized access to session history data by bypassing operator.read scope validation. This unauthorized access to potentially sensitive session information could lead to violations of data protection and privacy regulations such as GDPR and HIPAA, which require strict access controls and protection of personal and sensitive data.

By failing to enforce proper authorization checks, the vulnerability increases the risk of unauthorized disclosure of user or operator session data, which may result in non-compliance with standards that mandate confidentiality and integrity of protected information.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows unauthorized users to access sensitive session history data without proper permissions.

Attackers can exploit this flaw to read session histories that they should not have access to, potentially exposing confidential or private information.

Since the vulnerability bypasses authorization checks, it can lead to data exposure and compromise the confidentiality of user sessions.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by monitoring HTTP requests to the `/sessions/:sessionKey/history` endpoint and checking if unauthorized access to session history data is possible without the `operator.read` scope.

One way to detect exploitation attempts is to capture and analyze HTTP traffic targeting this endpoint, looking for requests that access session history without proper authorization.

Suggested commands include using tools like curl or HTTP clients to test access control enforcement, for example:

• curl -i -H "Authorization: Bearer <token_without_operator.read_scope>" https://<openclaw_server>/sessions/<sessionKey>/history
• If the response returns session history data despite the token lacking the `operator.read` scope, the system is vulnerable.

Additionally, network monitoring tools or intrusion detection systems can be configured to alert on unusual access patterns to this endpoint.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to upgrade OpenClaw to version 2026.3.25 or later, where the authorization bypass vulnerability in the `/sessions/:sessionKey/history` route has been fixed.

If upgrading immediately is not possible, restrict access to the vulnerable endpoint by implementing network-level controls such as firewall rules or API gateway policies to limit access only to trusted users or services.

Review and enforce strict authorization checks on bearer tokens to ensure that only tokens with the `operator.read` scope can access session history data.

Monitor logs and network traffic for suspicious access attempts to the `/sessions/:sessionKey/history` endpoint and respond accordingly.

Useful 0 Not Useful 0