3 matches found
Improper Handling of Insufficient Permissions or Privileges
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via the operator.write module reaching admin-class Talk Voice configuration persistence through chat.send. An attacker can gain...
Missing Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization in the extensions/discord/src/monitor/agent-components.ts process. An attacker can bypass intended access restrictions by triggering privileged component actions fro...
Weak Password Requirements
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Weak Password Requirements via the authentication process. An attacker can bypass intended authentication mechanisms by sending a high volume of password guesses without restriction...