OpenClaw Gateway Node Invoke Approval Bypass Vulnerability Analysis
An RCE vulnerability in OpenClaw's gateway allows authenticated clients to bypass node execution approvals by manipulating parameters, posing a significant risk to connected systems.
Affected
The vulnerability arises from improper handling of the params object in the gateway, which lets a client inject internal control fields such as approved and approvalDecision. Node hosts then skip the approval workflow, enabling unauthorized command execution. The impact is severe because it affects critical environments such as developer workstations and CI servers.
The PoC demonstrates how an attacker can exploit the lack of parameter sanitization to bypass security checks. It underscores the importance of validating all user-controlled inputs in gateways, highlighting a potential attack vector for compromising node hosts.
Detection
Monitor gateway traffic: monitor gateway logs for node.invoke requests with suspicious parameters, particularly those setting params.approved or manipulating approvalDecision. Use network sensors to detect anomalies and SIEM tools to correlate events.
Log analysis: look for log entries where system.run commands are executed without corresponding approval records. Check for unexpected values in the params.approved and params.approvalDecision fields.
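The two detection checks above, as an added example that is not part of the original analysis or of OpenClaw itself. It assumes a JSON-lines log shape with a method field, a params object, and a separate approval.record entry carrying a requestId; the real gateway log format is not given on this page, and the sample lines are constructed.

```python
import json

# Constructed sample of gateway log lines (assumed JSON-lines shape; the
# approval.record method and requestId field are assumptions, not OpenClaw's).
SAMPLE_LOG = """
{"id": 1, "method": "node.invoke", "params": {"command": "system.run", "args": ["ls"]}}
{"id": 2, "method": "node.invoke", "params": {"command": "system.run", "args": ["id"], "approved": true}}
{"id": 3, "method": "node.invoke", "params": {"command": "system.run", "args": ["whoami"], "approvalDecision": "allow"}}
{"id": 4, "method": "approval.record", "params": {"requestId": 1, "decision": "allow"}}
{"id": 5, "method": "node.invoke", "params": {"command": "system.run", "args": ["uname"]}}
"""

# Internal control fields that a client should never be able to set.
INTERNAL_CONTROL_FIELDS = {"approved", "approvalDecision"}


def parse_lines(text):
    """Parse JSON-lines log text into a list of records, skipping blank lines."""
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def find_injected_control_fields(records):
    """Return (id, [fields]) for node.invoke requests whose client-supplied
    params carry internal control fields such as approved or approvalDecision."""
    hits = []
    for rec in records:
        if rec.get("method") != "node.invoke":
            continue
        injected = INTERNAL_CONTROL_FIELDS & set(rec.get("params", {}))
        if injected:
            hits.append((rec["id"], sorted(injected)))
    return hits


def find_unapproved_system_run(records):
    """Return ids of system.run invocations with no matching approval.record,
    which is the 'executed without an approval record' condition."""
    approved_ids = {rec["params"].get("requestId")
                    for rec in records if rec.get("method") == "approval.record"}
    return [rec["id"] for rec in records
            if rec.get("method") == "node.invoke"
            and rec.get("params", {}).get("command") == "system.run"
            and rec["id"] not in approved_ids]
```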
Mitigation
Apply patches: deploy OpenClaw 2026.2.14, which sanitizes parameters and validates approvals properly.
Input validation: enforce strict input validation on gateway parameters to prevent injection of unauthorized control fields.
Audit access controls: regularly review and enforce access controls so that only authorized users can invoke commands.
Risk assessment
Likelihood of exploitation: High
Threat actor interest: High, especially for attackers seeking to escalate privileges within a network. The vulnerability provides a pathway to full system compromise once initial access is achieved.
Sources