PT-2026-25488 · Npm · Openclaw

Published

2026-03-03

·

Updated

2026-03-03

CVSS v4.0

8.3

High

Vector

AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

Summary (Updated March 2, 2026)

In vulnerable builds, requests using alternately encoded paths could bypass the plugin route authentication checks protecting /api/channels/*, because the auth check and the route handler canonicalized paths to different depths.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published vulnerable version: 2026.3.1
  • Affected range: <= 2026.3.1
  • Patched release: 2026.3.2 (patched versions: >= 2026.3.2)

Technical Details

In affected versions, the classification of a request path as requiring plugin auth and the canonicalization of that path for routing could diverge for deeply encoded slash variants (for example a multi-encoded slash such as %252f). The auth check saw a path that did not match the protected prefix, while plugin route handling kept decoding and still resolved it to /api/channels/..., so an alternately encoded path reached a protected route without authentication.
The fix set hardens this class of issue by:
  • canonicalizing route paths to a bounded fixpoint,
  • failing closed on malformed or unresolved canonicalization depth,
  • requiring explicit plugin-route auth contracts (no implicit auth default),
  • enforcing route ownership/conflict guards for duplicate route registrations, and
  • using shared webhook route lifecycle registration to avoid stale/conflicting route surfaces.
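The following is an added illustration, not openclaw code, of the mismatch described above and of the bounded-fixpoint, fail-closed canonicalization the fix set adopts. It models an auth gate that decodes a path once and a router that decodes until the path is stable, shows how a doubly encoded slash (%252F) is classified as public by the first but reaches /api/channels/... in the second, and then routes every decision through a single canonicalizer with a decode-depth bound. The route prefix, the depth limit of 4, the sample paths and all function names are assumptions made for the example; the dot-segment sample goes beyond the encoded-slash issue the advisory describes, to show the same fail-closed logic applied to another alternate-path form.

```javascript
// Added example, not openclaw code. Models two stages that disagree on what a
// path means: an auth gate that decodes once, and a router that decodes until
// stable. Then shows the hardened shape: one canonical form, computed with a
// bounded number of decode rounds, failing closed when the bound is hit or the
// encoding is malformed. Prefix, depth limit and names are assumptions.

const PROTECTED = "/api/channels"; // assumed protected prefix
const MAX_DECODE_DEPTH = 4;        // assumed bound on decode rounds

// --- vulnerable pattern: two code paths, two canonical forms -------------

// Auth gate: decodes exactly once before the prefix check.
function gateRequiresAuthOnce(rawPath) {
  return decodeURIComponent(rawPath).startsWith(PROTECTED + "/");
}

// Router: decodes repeatedly until nothing changes, with no bound.
function routerResolveUnbounded(rawPath) {
  let p = rawPath;
  for (;;) {
    const next = decodeURIComponent(p);
    if (next === p) return p;
    p = next;
  }
}

function vulnerableDispatch(rawPath, authenticated) {
  try {
    if (gateRequiresAuthOnce(rawPath) && !authenticated) return "401";
    const resolved = routerResolveUnbounded(rawPath);
    return resolved.startsWith(PROTECTED + "/") ? "200 protected" : "200 public";
  } catch (e) {
    return "500"; // malformed percent-encoding surfaces as an unhandled URIError
  }
}

// --- hardened pattern: one canonical form, bounded, fails closed ---------

// Collapse empty and dot segments; refuse paths that climb above the root.
function normalizeSegments(path) {
  if (!path.startsWith("/")) return null;
  const out = [];
  for (const seg of path.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") {
      if (out.length === 0) return null; // traversal above root: fail closed
      out.pop();
      continue;
    }
    out.push(seg);
  }
  return "/" + out.join("/");
}

// Decode until stable, but give up (null) after MAX_DECODE_DEPTH rounds or on
// malformed percent-encoding. A null result means "reject the request".
function canonicalize(rawPath) {
  let p = rawPath;
  for (let round = 0; round < MAX_DECODE_DEPTH; round++) {
    let next;
    try {
      next = decodeURIComponent(p);
    } catch (e) {
      return null; // malformed encoding: fail closed
    }
    if (next === p) return normalizeSegments(p); // fixpoint reached
    p = next;
  }
  return null; // depth exhausted without a fixpoint: fail closed
}

function isProtected(canonicalPath) {
  return canonicalPath === PROTECTED || canonicalPath.startsWith(PROTECTED + "/");
}

// Every decision (auth and routing) is made on the same canonical value.
function hardenedDispatch(rawPath, authenticated) {
  const canon = canonicalize(rawPath);
  if (canon === null) return "400";
  const needsAuth = isProtected(canon);
  if (needsAuth && !authenticated) return "401";
  return needsAuth ? "200 protected" : "200 public";
}

// Constructed sample paths (not taken from any real deployment).
const SAMPLES = [
  "/api/channels/secret",           // plain protected route
  "/api%2Fchannels/secret",         // single-encoded slash
  "/api%252Fchannels/secret",       // double-encoded slash: gate and router disagree
  "/public/../api/channels/secret", // dot-segment alternate path
  "/api/%2525252Fchannels",         // four decode rounds deep: exceeds the bound
  "/api/%zz",                       // malformed encoding
];

for (const path of SAMPLES) {
  console.log(path.padEnd(34), "vulnerable:", vulnerableDispatch(path, false).padEnd(14),
              "hardened:", hardenedDispatch(path, false));
}
```

Run with node; the table prints both dispatchers' decisions side by side for each unauthenticated sample request. The property worth taking from it is that after the fix there is exactly one place where the path is interpreted, and a request whose path cannot be fully resolved within the bound is rejected rather than passed on with a guess.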

Affected Deployments

Deployments that expose plugin HTTP routes and rely on the gateway's authentication to protect /api/channels/*.

Fix Commit(s)

  • 93b07240257919f770d1e263e1f22753937b80ea
  • 2fd8264ab03bd178e62a5f0c50d1c8556c17f12d
  • d74bc257d8432f17e50b23ae713d7e0623a1fe0f
  • 7a7eee920a176a0043398c6b37bf4cc6eb983eeb

Fix

Upgrade openclaw to version 2026.3.2 or later.

Weakness Enumeration

CWE-288: Authentication Bypass Using an Alternate Path or Channel

Related Identifiers

GHSA-V865-P3GQ-HW6M

Affected Products

Openclaw