Git · Openclaw · CVE-2026-32302
**Name of the Vulnerable Software and Affected Versions**
OpenClaw versions prior to 2026.3.11
**Description**
OpenClaw is a personal AI assistant. When `gateway.auth.mode` was set to `trusted-proxy` and a request arrived with proxy headers, browser-originated WebSocket connections could bypass origin validation: the WebSocket handshake logic treated proxy-delivered requests as exempt from the generic browser origin check even when an `Origin` header was present alongside the proxy headers. This allowed a page served from an untrusted origin to connect through a trusted reverse proxy, inherit the proxy-authenticated identity, and establish a privileged operator session. An attacker could request `operator.admin` access and call `config.get`, potentially exposing sensitive configuration. The issue affects deployments that expose the Gateway behind a trusted reverse proxy and rely on browser origin checks.
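The handshake defect the advisory describes, reduced to a minimal origin check beside a hardened form. This is an added illustration in JavaScript, not OpenClaw's own code: the config shape, the proxy header names, the allowlist, the function names and the sample request headers are all assumptions or constructed values.

```javascript
// Added illustration, not OpenClaw's own code. Config shape, header names and
// function names are assumptions; allowlist and request headers are constructed.
const ALLOWED_ORIGINS = new Set(["https://app.example.test"]);
const PROXY_HEADERS = ["x-forwarded-for", "x-forwarded-proto", "x-forwarded-host"];

function hasProxyHeaders(headers) {
  return PROXY_HEADERS.some((h) => Object.hasOwn(headers, h));
}

// Browser clients send Origin, non-browser clients usually do not; the allowlist
// applies whenever an Origin header is present.
function originAllowed(headers) {
  return !Object.hasOwn(headers, "origin") || ALLOWED_ORIGINS.has(headers.origin);
}

// Vulnerable shape from the advisory: in trusted-proxy mode a request carrying
// proxy headers is treated as proxy-vetted and skips the Origin check entirely.
function acceptHandshakeVulnerable(headers, authMode) {
  if (authMode === "trusted-proxy" && hasProxyHeaders(headers)) return true;
  return originAllowed(headers);
}

// Hardened shape: the proxy hop does not decide what a browser page may do, so the
// Origin check runs first in every auth mode. The trailing rule is an assumption:
// in trusted-proxy mode, identity comes from the proxy, so proxy headers are required.
function acceptHandshakeFixed(headers, authMode) {
  if (!originAllowed(headers)) return false;
  return authMode !== "trusted-proxy" || hasProxyHeaders(headers);
}

// Constructed handshake headers (Node lowercases header names).
const REQUESTS = {
  trustedPageViaProxy: { origin: "https://app.example.test", "x-forwarded-for": "203.0.113.5" },
  untrustedPageViaProxy: { origin: "https://untrusted.example.test", "x-forwarded-for": "203.0.113.5" },
  nonBrowserViaProxy: { "x-forwarded-for": "203.0.113.5" },
};

// Side-by-side verdicts [vulnerable, fixed] for one auth mode; returned so they can be checked.
function compare(authMode) {
  const out = {};
  for (const [name, headers] of Object.entries(REQUESTS)) {
    out[name] = [acceptHandshakeVulnerable(headers, authMode), acceptHandshakeFixed(headers, authMode)];
  }
  return out;
}

console.log(compare("trusted-proxy"));
```

In `trusted-proxy` mode the vulnerable variant admits the untrusted page because the proxy headers short-circuit the check, while the hardened variant rejects it and still admits the trusted page and the non-browser client.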
**Recommendations**
Upgrade to version 2026.3.11 or later.
If you cannot upgrade immediately, avoid exposing browser-reachable Gateway WebSocket endpoints in `trusted-proxy` mode to untrusted origins, and restrict both reverse-proxy and direct browser reachability of the Gateway to trusted origins only.