Executive Summary

CVE-2026-32905 is an authorization bypass vulnerability in OpenClaw versions before 2026.5.4, specifically in the bundled device-pair plugin.

This flaw allows authorized chat users who are not owners to issue device-pairing bootstrap codes without proper permission checks. Attackers with access to chat commands via platforms like Telegram, Discord, or Slack can exploit this to generate setup codes.

Using these setup codes, attackers can enroll devices with operator or node capabilities, gaining persistent credentials that remain valid until manually removed.

The root cause is an incorrect authorization check (CWE-863), and the vulnerability has a high severity score (CVSS v3.1 base score 8.3, CVSS v4.0 base score 8.7).

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can allow attackers with chat command access to enroll unauthorized devices with elevated operator or node capabilities.

Such unauthorized devices gain persistent credentials, potentially compromising the confidentiality and integrity of the system.

Attackers could maintain long-term access until the unauthorized devices are manually removed, increasing the risk of data breaches or unauthorized operations.

The availability impact is considered low, but the overall risk is high due to the elevated privileges granted.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by reviewing chat command access logs for unauthorized issuance of device-pairing bootstrap codes. Since the issue involves attackers with chat command access creating setup codes, monitoring commands sent via configured chat channels (such as Telegram, Discord, or Slack agents) where the device-pair plugin is enabled is essential.

Specifically, detection involves checking for any device-pairing bootstrap codes issued by non-owner or unauthorized users. Reviewing paired devices for unexpected operator or node enrollments can also indicate exploitation.

No explicit commands are provided in the available resources, but suggested approaches include:

• Audit chat command logs for issuance of device-pairing bootstrap codes by non-owner users.
• List currently paired devices and verify their enrollment source and capabilities.
• Restrict or monitor chat command permissions to limit who can issue device-pairing commands.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include upgrading OpenClaw to version 2026.5.4 or later, where the vulnerability is patched.

Additionally, users should review all currently paired devices and manually remove any unauthorized devices that may have been enrolled via this vulnerability.

It is also recommended to restrict or tightly control chat command access in shared chat channels to prevent unauthorized users from issuing device-pairing bootstrap codes.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows unauthorized issuance of device-pairing bootstrap codes, enabling attackers to enroll devices with operator or node capabilities and gain persistent credentials. This can lead to unauthorized access to sensitive data and systems, potentially compromising confidentiality and integrity.

Such unauthorized access and potential data breaches could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict access controls and protection of sensitive information.

Organizations using affected versions of OpenClaw should upgrade to the patched version 2026.5.4, review paired devices, and restrict command access in shared chat channels to mitigate risks and maintain compliance.

Useful 0 Not Useful 0