This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: OpenClaw fails to sanitize the `node.invoke` parameter, specifically the internal approval field.β¦
π‘οΈ **Root Cause**: CWE-863 (Incorrect Authorization). The gateway does not clean/validate internal approval fields in the `node.invoke` input, allowing privilege escalation via parameter manipulation.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: **OpenClaw** (Open-source AI assistant). π **Versions**: All versions **prior to 2026.2.14** are vulnerable. Ensure you are running the latest stable release.
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: With valid gateway credentials, hackers can bypass approval gates. This allows them to execute arbitrary nodes, potentially leading to full system compromise or data exfiltration.
π **Public Exploit**: No specific PoC code is listed in the data. However, **VulnCheck** has published a detailed advisory describing the RCE vector. Expect community PoCs to emerge quickly given the clear logic flaw.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: 1. Check your OpenClaw version (`< 2026.2.14`). 2. Audit gateway logs for unusual `node.invoke` calls containing internal approval fields. 3.β¦
β **Official Fix**: **YES**. Patched in version **2026.2.14**. See GitHub Security Advisory **GHSA-gv46-4xfq-jv58** and commit `0af76f5` for details. Update immediately!
Q9What if no patch? (Workaround)
π§ **No Patch Workaround**: If you cannot update immediately: 1. Restrict gateway credential access strictly. 2. Implement WAF rules to block suspicious `node.invoke` payloads with internal approval fields. 3.β¦
β‘ **Urgency**: **HIGH**. CVSS Score indicates High Impact (C:H, I:H, A:H). Since it allows bypassing security gates with low effort, prioritize patching to **2026.2.14** or later ASAP to prevent RCE.