Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2026/03/21 3:31 a.m.8 views

Duplicate Advisory: OpenClaw's gateway tokenless Tailscale auth applied to HTTP routes

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hff7-ccv5-52f8. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway...

9.1CVSS5.7AI score0.00401EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/03/21 1:17 a.m.6 views

CVE-2026-32045

OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted networks can exploit this misconfiguration to access HTTP gateway routes without proper authentication...

9.1CVSS0.00401EPSS
Exploits0References3
OSV
OSV
added 2026/03/21 1:17 a.m.4 views

CVE-2026-32045

OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted networks can exploit this misconfiguration to access HTTP gateway routes without proper authentication...

5.9CVSS5.9AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/21 12:42 a.m.4 views

CVE-2026-32045 OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth

OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted networks can exploit this misconfiguration to access HTTP gateway routes without proper authentication...

8.2CVSS5.8AI score0.00401EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/21 12:42 a.m.4 views

EUVD-2026-13939

OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted networks can exploit this misconfiguration to access HTTP gateway routes without proper authentication...

8.2CVSS5.8AI score0.00401EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.5 views

PT-2026-26728

OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted networks can exploit this misconfiguration to access HTTP gateway routes without proper authentication...

8.2CVSS5.8AI score0.00401EPSS
Exploits0References4
Rows per page
Query Builder