Executive Summary

This vulnerability exists in OpenClaw versions before 2026.3.22 and involves the way webhook reply deliveries are handled. Specifically, attackers can exploit the system's use of mutable username matching instead of stable numeric user identifiers to rebind chat replies to unintended users. By manipulating username changes, attackers can redirect webhook-triggered replies away from the intended recipients, bypassing the original binding recorded in webhook events.

Useful 0 Not Useful 0

Impact Analysis

The vulnerability can lead to unauthorized redirection of chat replies, meaning that sensitive or private information intended for a specific user could be delivered to a different, unintended user. This can result in information disclosure and potential misuse of data, undermining the confidentiality and integrity of communications within the affected system.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. This could lead to unauthorized access or misdelivery of messages, potentially exposing sensitive information.

Such unauthorized message redirection and potential data exposure could negatively impact compliance with data protection standards and regulations like GDPR and HIPAA, which require strict controls on personal data confidentiality and access.

The fix enforces reply delivery binding to stable numeric user IDs by default, reducing the risk of unauthorized access and helping maintain compliance with these regulations. Additionally, the legacy username-based matching is disabled by default and requires explicit opt-in with security warnings, further mitigating compliance risks.

Useful 0 Not Useful 0

Detection Guidance

Detection of this vulnerability involves checking the configuration of the Synology Chat integration within the OpenClaw platform to see if the legacy username-based reply matching is enabled.

Specifically, you should verify whether the configuration flag `dangerouslyAllowNameMatching` is set to true, as this flag enables the vulnerable legacy behavior.

Since the vulnerability is related to webhook reply delivery relying on mutable usernames instead of stable numeric user IDs, monitoring webhook events and logs for unexpected reply redirections or mismatches between intended and actual recipients could also help detect exploitation attempts.

There are no explicit commands provided in the available resources, but you can inspect your OpenClaw Synology Chat channel configuration files or settings for the presence and value of `dangerouslyAllowNameMatching`.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade your OpenClaw installation to version 2026.3.22 or later, where the issue has been fixed.

Ensure that the configuration flag `dangerouslyAllowNameMatching` is disabled (set to false) globally and per account, as enabling this flag re-enables the vulnerable legacy username-based reply matching.

Maintain the default direct message policy of "allowlist" to restrict message senders to a configured list, enhancing security.

Avoid enabling the `dangerouslyAllowNameMatching` flag unless absolutely necessary for legacy compatibility, and if enabled, be aware of the associated security warnings and risks.

Useful 0 Not Useful 0