5 matches found
Incorrect Authorization
Overview @openclaw/matrix is an OpenClaw Matrix channel plugin Affected versions of this package are vulnerable to Incorrect Authorization via the DM pairing-store process. An attacker can gain unauthorized access to privileged room control commands by leveraging DM-paired sender IDs to bypass...
Incorrect Authorization
Overview @openclaw/matrix is an OpenClaw Matrix channel plugin Affected versions of this package are vulnerable to Incorrect Authorization via the operator.write message-tool. An attacker can modify persistent Matrix profile configuration without proper authorization by sending crafted requests...
Incorrect Authorization
Overview @openclaw/matrix is an OpenClaw Matrix channel plugin Affected versions of this package are vulnerable to Incorrect Authorization in the process that fetches thread root and reply context, which bypasses the sender allowlist. An attacker can gain unauthorized access to message threads by...
Incorrect Authorization
Overview @openclaw/matrix is an OpenClaw Matrix channel plugin Affected versions of this package are vulnerable to Incorrect Authorization via the DM access check process. An attacker can interact with unpaired or unauthorized DM peers by sending verification notices that bypass intended access...
Incorrect Authorization
Overview @openclaw/matrix is an OpenClaw Matrix channel plugin Affected versions of this package are vulnerable to Incorrect Authorization through improper access control in the pairing store process. An attacker can gain unauthorized access to another account's direct message pairing by leveragi...