PT-2026-31956 · Openclaw · Openclaw

Peng Zhou · Published 2026-03-30 · Updated 2026-04-10 · CVE-2026-35621

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.24

Description: OpenClaw versions before 2026.3.24 contain a privilege escalation issue. The /allowlist command does not properly re-validate gateway client scopes for internal callers, allowing clients with the operator.write scope to modify channel authorization policies. An attacker can use chat.send to create an internal, command-authorized context and persistently alter the channel allowFrom and groupAllowFrom policies, which are normally restricted to the operator.admin scope. The vulnerability arises because the /allowlist command persists channel authorization configuration through writeConfigFile() without enforcing the operator.admin scope check for internal gateway callers, unlike the /config and /plugins commands. As a result, a client authenticated with only operator.write can indirectly modify channel authorization state, weakening the control-plane privilege separation.

Recommendations: Update to OpenClaw version 2026.3.24 or later to resolve this issue.
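The pattern described above, a scope check that is skipped when a command arrives through an internal path, beside the form that enforces operator.admin at the persistence boundary regardless of how the caller reached it. This is an added illustration written for this page, not OpenClaw's code; the types, the `Caller.internal` flag, `requireScope`, and the in-memory stand-in for `writeConfigFile()` are hypothetical, while the scope names and the allowFrom/groupAllowFrom fields come from the advisory text.

```typescript
// Added example (not OpenClaw's code). Scope and field names follow the
// advisory; everything else here is a hypothetical minimal model.
type Scope = "operator.read" | "operator.write" | "operator.admin";

interface Caller {
  clientId: string;
  scopes: Set<Scope>;
  // True when the command was created by another gateway component
  // (e.g. a command-authorized context) rather than an external request.
  internal: boolean;
}

interface ChannelPolicy {
  allowFrom: string[];
  groupAllowFrom: string[];
}

class AuthorizationError extends Error {}

// Stand-in for writeConfigFile(): records what would have been persisted.
const persistedPolicies: ChannelPolicy[] = [];
function writeConfigFile(policy: ChannelPolicy): void {
  persistedPolicies.push({ allowFrom: [...policy.allowFrom], groupAllowFrom: [...policy.groupAllowFrom] });
}

function requireScope(caller: Caller, scope: Scope): void {
  if (!caller.scopes.has(scope)) {
    throw new AuthorizationError(`client ${caller.clientId} lacks ${scope}`);
  }
}

function mergePolicy(base: ChannelPolicy, update: Partial<ChannelPolicy>): ChannelPolicy {
  return {
    allowFrom: update.allowFrom ?? base.allowFrom,
    groupAllowFrom: update.groupAllowFrom ?? base.groupAllowFrom,
  };
}

// Vulnerable shape: the admin check is only applied to external callers, so a
// command reaching this function through an internal context is trusted on
// the strength of whatever scope created that context.
function allowlistCommandVulnerable(
  caller: Caller, base: ChannelPolicy, update: Partial<ChannelPolicy>,
): ChannelPolicy {
  if (!caller.internal) {
    requireScope(caller, "operator.admin");
  }
  const next = mergePolicy(base, update);
  writeConfigFile(next);
  return next;
}

// Hardened shape: the scope check sits at the point where authorization
// state is persisted, so the caller's scopes are re-validated on every path.
function allowlistCommandFixed(
  caller: Caller, base: ChannelPolicy, update: Partial<ChannelPolicy>,
): ChannelPolicy {
  requireScope(caller, "operator.admin");
  const next = mergePolicy(base, update);
  writeConfigFile(next);
  return next;
}

// Runs both shapes with a write-scoped internal caller and an admin caller,
// returning what a reviewer would check: whether each path persisted.
function runScenario(): { vulnerableWrote: boolean; fixedRejected: boolean; adminWrote: boolean } {
  const base: ChannelPolicy = { allowFrom: [], groupAllowFrom: [] };
  const writer: Caller = { clientId: "writer", scopes: new Set<Scope>(["operator.write"]), internal: true };
  const admin: Caller = { clientId: "admin", scopes: new Set<Scope>(["operator.admin"]), internal: false };

  const before = persistedPolicies.length;
  allowlistCommandVulnerable(writer, base, { allowFrom: ["user:constructed"] });
  const vulnerableWrote = persistedPolicies.length === before + 1;

  let fixedRejected = false;
  try {
    allowlistCommandFixed(writer, base, { allowFrom: ["user:constructed"] });
  } catch (e) {
    fixedRejected = e instanceof AuthorizationError;
  }

  const result = allowlistCommandFixed(admin, base, { groupAllowFrom: ["group:constructed"] });
  const adminWrote = result.groupAllowFrom[0] === "group:constructed";

  return { vulnerableWrote, fixedRejected, adminWrote };
}
```

The design point is where the check lives: placing `requireScope` next to `writeConfigFile()` means a new entry path (internal or external) cannot bypass it, which is the property the advisory contrasts with the /config and /plugins commands.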

Tags: Fix · LPE

Weakness Enumeration: Missing Authorization · Improper Privilege Management

Related Identifiers: CVE-2026-35621 · GHSA-94PW-C6M8-P9P9

Affected Products: Openclaw