#VU125220 Improper Authorization in OpenClaw - CVE-2026-33576

Published: April 8, 2026
Vulnerability identifier: #VU125220
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-33576
CWE-ID: CWE-285
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenClaw
Software vendor: OpenClaw

Description

The vulnerability allows a remote, unauthenticated attacker to trigger network fetches and disk writes on the host running OpenClaw.

The vulnerability exists due to improper authorization in extensions/zalo/src/monitor.ts: media attached to an inbound message is fetched and written to disk before the sender is checked against the DM allow-list or pairing state. A remote attacker who can deliver a message with media content (the Zalo channel requires no prior pairing to receive it) can therefore make the host download attacker-controlled content and store it locally.

The message itself may still be rejected once the authorization check runs, but by then the media has already been fetched and stored, so the check does not prevent the side effects.
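The following is an added illustration of the ordering bug described above, not OpenClaw's monitor.ts or any code from the project. It shows a simplified inbound-message handler that fetches and stores media before the DM/pairing check, beside the corrected ordering that rejects the sender first. The message shape, the sandbox that stands in for the network and filesystem, and the allow-list check are all assumptions made for the example.

```typescript
// Hypothetical inbound-message handler (not OpenClaw's code).
// The Sandbox records side effects instead of doing real I/O so the
// difference between the two orderings is observable offline.

interface MediaRef { url: string; filename: string }
interface InboundMessage { senderId: string; text: string; media?: MediaRef }

interface Sandbox {
  fetched: string[];            // URLs that were fetched
  written: string[];            // filenames written to disk
  allowedSenders: Set<string>;  // assumed DM allow-list / paired senders
}

function newSandbox(allowed: string[]): Sandbox {
  return { fetched: [], written: [], allowedSenders: new Set(allowed) };
}

// Stand-in for "download the attachment and write it to disk".
function fetchAndStore(sb: Sandbox, media: MediaRef): void {
  sb.fetched.push(media.url);
  sb.written.push(media.filename);
}

// DM / pairing authorization: only allow-listed senders may proceed.
function isAuthorized(sb: Sandbox, senderId: string): boolean {
  return sb.allowedSenders.has(senderId);
}

interface Outcome { accepted: boolean; fetches: number; writes: number }

// Vulnerable ordering: every inbound message with media causes a fetch and
// a write, and only afterwards is the sender checked. An unauthorized
// sender is rejected, but the side effects have already happened.
function handleVulnerable(sb: Sandbox, msg: InboundMessage): Outcome {
  if (msg.media) fetchAndStore(sb, msg.media);      // unauthenticated side effect
  const accepted = isAuthorized(sb, msg.senderId);  // check runs too late
  return { accepted, fetches: sb.fetched.length, writes: sb.written.length };
}

// Fixed ordering: decide whether the sender is allowed before touching the
// network or the disk. A rejected message causes no fetch and no write.
function handleFixed(sb: Sandbox, msg: InboundMessage): Outcome {
  if (!isAuthorized(sb, msg.senderId)) {
    return { accepted: false, fetches: sb.fetched.length, writes: sb.written.length };
  }
  if (msg.media) fetchAndStore(sb, msg.media);
  return { accepted: true, fetches: sb.fetched.length, writes: sb.written.length };
}

// Constructed sample input: an unpaired sender attaching media.
const strangerWithMedia: InboundMessage = {
  senderId: "unknown-sender",
  text: "hi",
  media: { url: "https://attacker.example/payload.bin", filename: "payload.bin" },
};

// Runs the same message through both handlers with a fresh sandbox each time.
function demo(): { before: Outcome; after: Outcome } {
  const before = handleVulnerable(newSandbox(["paired-user"]), strangerWithMedia);
  const after = handleFixed(newSandbox(["paired-user"]), strangerWithMedia);
  return { before, after };
}
```

The point of the example is that `accepted` is `false` in both cases; what differs is that the vulnerable handler has already performed one fetch and one write on behalf of a sender it then rejects. When reviewing a fix for this class of bug, check that every code path that reaches the network or the filesystem is dominated by the authorization decision, not merely followed by it.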


Remediation

Install the security update from the vendor's website.

External links