NextGuard
UNKNOWNCVE-2026-32914

OpenClaw < 2026.3.12 - Insufficient Access Control in /config and /debug Endpoints

Platform

other

Component

openclaw

Fixed in

2026.3.12

View on NVD

OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config and /debug command handlers that allows command-authorized non-owners to access owner-only surfaces. Attackers with command authorization can read or modify privileged configuration settings restricted to owners by exploiting missing owner-level permission checks.

How to fix

Actualice OpenClaw a la versión 2026.3.12 o posterior. Esta versión corrige la vulnerabilidad de control de acceso insuficiente en los endpoints /config y /debug, impidiendo que usuarios no autorizados accedan a configuraciones privilegiadas.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free