Duplicate Advisory: OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send

GHSA-394x-274p-mqc6

Published Apr 24, 2026 · Modified May 6, 2026

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-767m-xrhc-fxm7. This link is maintained to preserve external references.

Original Description

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settings via the send endpoint. Attackers with operator.write credentials can exploit insufficient access controls to reach sensitive administrative functionality and modify persistence mechanisms.

References

WEB https://github.com/openclaw/openclaw/security/advisories/GHSA-767m-xrhc-fxm7
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-41359
WEB https://github.com/openclaw/openclaw/commit/b7d70ade3b9900dbe97bd73be9c02e924ff3c986
WEB https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-operator-write-to-admin-class-telegram-config-and-cron-persistence

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes