2 matches found
Authentication Bypass Using an Alternate Path or Channel
Overview @openclaw/voice-call is an OpenClaw voice-call plugin Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the Telegram webhook endpoint when webhook mode is enabled without a configured secret. An attacker can impersonate...
Authentication Bypass Using an Alternate Path or Channel
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the Telegram webhook endpoint when webhook mode is enabled without a configured secret. An attacker can impersonate authorized...