33 matches found
PT-2026-45601
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A logic error in multiple locations allows for the bypass of user interaction during the pairing of an LE Low Energy device. This flaw enables remote escalation of privilege for an adjacent...
CVE-2026-42432 OpenClaw < 2026.4.8 - Command Escalation via Node Pairing Reconnect Bypass
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without the operator.admin scope requirement. Attackers can bypass re-pairing authentication to execute privileged commands on the local assistant system...
CVE-2026-35663
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements to reconnect as operator.admin, gaining unauthorized administrative privileges...
CVE-2026-35663 OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements to reconnect as operator.admin, gaining unauthorized administrative privileges...
PT-2026-31972
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct messages to bypas...
EUVD-2026-13933
OpenClaw versions 2026.2.22 prior to 2026.2.25 contain a privilege escalation vulnerability allowing unpaired device identities to bypass operator pairing requirements and self-assign elevated operator scopes including operator.admin. Attackers with valid shared gateway authentication can present...
CVE-2026-32057
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
CVE-2026-32042
OpenClaw versions 2026.2.22 prior to 2026.2.25 contain a privilege escalation vulnerability allowing unpaired device identities to bypass operator pairing requirements and self-assign elevated operator scopes including operator.admin. Attackers with valid shared gateway authentication can present...
CVE-2026-32042
OpenClaw versions 2026.2.22 prior to 2026.2.25 contain a privilege escalation vulnerability allowing unpaired device identities to bypass operator pairing requirements and self-assign elevated operator scopes including operator.admin. Attackers with valid shared gateway authentication can present...
CVE-2026-32042
OpenClaw version set
PT-2026-26739
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
PT-2026-26725
OpenClaw versions 2026.2.22 prior to 2026.2.25 contain a privilege escalation vulnerability allowing unpaired device identities to bypass operator pairing requirements and self-assign elevated operator scopes including operator.admin. Attackers with valid shared gateway authentication can present...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13595)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the gateway WebSocket connection handshake allowing device identity checks to be skipped when auth.token is present but not verified, which can be...
GHSA-VVGP-4C28-M3JM OpenClaw has a Trusted-proxy Control UI pairing bypass which allows unpaired node sessions
Summary A trusted-proxy Control UI pairing bypass accepted client.id=control-ui without device identity checks. The bypass did not require operator role, so an authenticated node role session could connect unpaired and reach node event methods. Impact With trusted-proxy authentication enabled, a...
OpenClaw has a Trusted-proxy Control UI pairing bypass which allows unpaired node sessions
Summary A trusted-proxy Control UI pairing bypass accepted client.id=control-ui without device identity checks. The bypass did not require operator role, so an authenticated node role session could connect unpaired and reach node event methods. Impact With trusted-proxy authentication enabled, a...
GHSA-553V-F69R-656J OpenClaw unpaired device identity can bypass operator pairing and self-assign operator scopes with shared auth
Summary A client using shared gateway auth could attach an unpaired device identity and request elevated operator scopes including operator.admin before pairing approval, enabling privilege escalation. Impact Attackers with valid shared gateway auth could self-assign higher operator scopes by...
EUVD-2025-19417
Malicious code in bioql PyPI...
CVE-2025-30133
An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password...
IROAD Dashcam FX2 安全漏洞
IROAD Dashcam FX2 is a car recorder from IROAD, a South Korean company. A security vulnerability exists in IROAD Dashcam FX2, which stems from a device pairing bypass that allows an attacker to directly access the management interface after accessing it with a default password...
Amazon Cloud Cam 安全漏洞
Amazon Cloud Cam is an HD webcam from Amazon. A security vulnerability exists in Amazon Cloud Cam that stems from the device's default pairing state allowing bypassing SSL fixes, which could lead to network traffic interception and modification...