GHSA-H656-5VCF-CM23

Vulnerability from github – Published: 2026-03-03 19:08 – Updated: 2026-03-03 19:08
VLAI
Summary
OpenClaw: Unauthorized Telegram Senders Trigger Media Download and Disk Write Before Access Check
Details

Impact

In Telegram DM mode, inbound media was downloaded and written to disk before sender authorization checks completed. An unauthorized sender could trigger inbound media download/write activity (including media groups) even when DM access should be denied.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published version currently affected: 2026.2.23
  • Vulnerable range: <= 2026.2.23
  • Patched in planned next release: 2026.2.24

Fix Commit(s)

  • 9514201fb9b51de5d0b23151110d0ff5d9c8bd67

Technical Details

The Telegram handler flow now enforces DM authorization before media download/write paths execute, including media-group handling. Inbound channel activity tracking was also moved to run after DM authorization in the Telegram message context path.

Release Process Note

patched_versions is pre-set to the planned next release (2026.2.24). After npm publish, the advisory can be published without further version-field edits.

OpenClaw thanks @v8hid for reporting.

Publication Update (2026-02-25)

openclaw@2026.2.24 is published on npm and contains the fix commit(s) listed above. This advisory now marks >= 2026.2.24 as patched.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.2.23"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.24"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-208",
      "CWE-404",
      "CWE-406",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-03T19:08:30Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "## Impact\n\nIn Telegram DM mode, inbound media was downloaded and written to disk before sender authorization checks completed. An unauthorized sender could trigger inbound media download/write activity (including media groups) even when DM access should be denied.\n\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Latest published version currently affected: `2026.2.23`\n- Vulnerable range: `\u003c= 2026.2.23`\n- Patched in planned next release: `2026.2.24`\n\n## Fix Commit(s)\n\n- `9514201fb9b51de5d0b23151110d0ff5d9c8bd67`\n\n## Technical Details\n\nThe Telegram handler flow now enforces DM authorization before media download/write paths execute, including media-group handling. Inbound channel activity tracking was also moved to run after DM authorization in the Telegram message context path.\n\n## Release Process Note\n\n`patched_versions` is pre-set to the planned next release (`2026.2.24`). After npm publish, the advisory can be published without further version-field edits.\n\nOpenClaw thanks @v8hid for reporting.\n\n\n### Publication Update (2026-02-25)\n`openclaw@2026.2.24` is published on npm and contains the fix commit(s) listed above. This advisory now marks `\u003e= 2026.2.24` as patched.",
  "id": "GHSA-h656-5vcf-cm23",
  "modified": "2026-03-03T19:08:30Z",
  "published": "2026-03-03T19:08:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-h656-5vcf-cm23"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/9514201fb9b51de5d0b23151110d0ff5d9c8bd67"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "OpenClaw: Unauthorized Telegram Senders Trigger Media Download and Disk Write Before Access Check"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…