OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Talk Voice configuration persistence. Attackers with operator.write privileges can exploit the chat.send endpoint to reach and modify sensitive voice configuration settings intended for administrators only.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

授权机制不正确

OpenClaw 安全漏洞

OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw 2026.3.28之前版本存在安全漏洞，该漏洞源于权限提升漏洞，允许具有写入权限的经过身份验证的操作员访问管理员级别的Talk Voice配置持久化。具有operator.write权限的攻击者可以利用chat.send端点访问和修改仅限管理员的敏感语音配置设置。

N/A

N/A