Executive Summary

CVE-2026-45001 is a security vulnerability in OpenClaw versions before 2026.4.20 that allows an attacker to bypass authorization guards in the agent-facing gateway config.patch and config.apply endpoints.

This flaw permits a model with access to the owner-only gateway tool to make unauthorized changes to critical operator-trusted settings such as sandbox policy, plugin enablement, gateway authentication and TLS settings, hook routing, MCP server configuration, SSRF policy, and filesystem hardening.

The root cause is missing authorization checks (CWE-862), which means the system fails to properly restrict access to these sensitive configurations.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can allow an attacker with limited access (a model with owner-only gateway tool access) to persist unauthorized changes to critical system configurations.

• Modification of sandbox policies could weaken security isolation.
• Changing plugin enablement settings might allow malicious or untrusted plugins to run.
• Altering gateway authentication and TLS settings could compromise secure communications.
• Manipulating hook routing and MCP server configurations could disrupt system operations or enable further attacks.
• Adjusting SSRF policies and filesystem hardening could expose the system to server-side request forgery attacks or weaken filesystem protections.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate the vulnerability CVE-2026-45001 in OpenClaw, you should immediately update OpenClaw to version 2026.4.20 or later, as this version contains the patch that fixes the authorization bypass flaw.

The patch tightens the gateway configuration mutation guard to prevent unauthorized modifications to critical operator-trusted settings such as sandbox policy, plugin enablement, gateway authentication/TLS, hook routing, MCP server configuration, SSRF policy, and filesystem hardening.

Ensure that only authorized users have access to the owner-only gateway tool, as the vulnerability requires access to this tool to be exploited.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows unauthorized changes to critical operator-trusted settings such as sandbox policy, plugin enablement, gateway authentication/TLS, hook routing, MCP server configuration, SSRF policy, and filesystem hardening. This unauthorized access and modification could potentially lead to data exposure or compromise of system integrity.

Such unauthorized changes may impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls over data protection, system integrity, and access management. By bypassing authorization controls, the vulnerability could undermine these compliance requirements, increasing the risk of data breaches or unauthorized data processing.

Therefore, organizations using vulnerable versions of OpenClaw should apply the patch promptly to maintain compliance with relevant security and privacy regulations.

Useful 0 Not Useful 0