CVE-2026-28472
OpenClaw's gateway connect could skip device identity checks when auth.token was present but not yet validated
Description
### Summary

The gateway WebSocket `connect` handshake could allow skipping device identity checks when `auth.token` was present but not yet validated.

### Details

In `src/gateway/server/ws-connection/message-handler.ts`, the device-identity requirement could be bypassed based on the *presence* of a non-empty `connectParams.auth.token` rather than a *validated* shared-secret authentication result.

### Impact

In deployments where the gateway WebSocket is reachable and connections can be authorized via Tailscale without validating the shared secret, a client could connect without providing device identity/pairing. Depending on version and configuration, this could result in operator access.

### Deployment Guidance

Per OpenClaw security guidance, the gateway should only be reachable from a trusted network and by trusted users (for example, restrict Tailnet users/ACLs when using Tailscale Serve). If the gateway WebSocket is only reachable by trusted users, there is typically no untrusted party with network access to exploit this issue.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Affected: `<= 2026.2.1`
- Fixed: `>= 2026.2.2`

### Fix

Device-identity skipping now requires *validated* shared-secret authentication (token/password). Tailscale-authenticated connections without a validated shared secret require device identity.

### Fix Commit(s)

- fe81b1d7125a014b8280da461f34efbf5f761575

Thanks @simecek for reporting.
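An added illustration of the flaw and its fix, not OpenClaw's code: the types, function names and the config values below are hypothetical and constructed. The pre-fix rule skips device identity when a token is merely present in the connect params; the fixed rule skips it only when the shared secret actually validated, so a Tailscale-authorized peer carrying an unvalidated token is still asked for device identity.

```typescript
// Added illustration, not OpenClaw's code: hypothetical types modelling the
// connect-handshake decision the advisory describes.
type ConnectParams = {
  auth?: { token?: string; password?: string };
  device?: { id: string; signature: string }; // device identity / pairing proof
};

// Outcome of authorizing a connection. `method` records which path admitted it.
type AuthResult =
  | { ok: true; method: "token" | "password" | "tailscale" }
  | { ok: false };

type Decision = "accepted" | "rejected:auth" | "rejected:device-identity";

// Constructed gateway secrets (hypothetical config shape).
const GATEWAY_CONFIG = { token: "constructed-secret-token", password: "constructed-pw" };

// Shared-secret validation. A peer authorized via Tailscale is admitted even when its
// token/password does not match, so method "tailscale" means *no* validated secret.
function authenticate(params: ConnectParams, viaTailscale: boolean): AuthResult {
  if (params.auth?.token !== undefined && params.auth.token === GATEWAY_CONFIG.token) {
    return { ok: true, method: "token" };
  }
  if (params.auth?.password !== undefined && params.auth.password === GATEWAY_CONFIG.password) {
    return { ok: true, method: "password" };
  }
  return viaTailscale ? { ok: true, method: "tailscale" } : { ok: false };
}

// Pre-fix rule (<= 2026.2.1 behaviour as described): device identity is skipped
// because a non-empty token is merely *present*, whether or not it validated.
function deviceIdentityRequiredVulnerable(params: ConnectParams): boolean {
  return !params.auth?.token;
}

// Fixed rule (>= 2026.2.2): skipped only on a *validated* token or password.
function deviceIdentityRequiredFixed(auth: AuthResult): boolean {
  const validatedSharedSecret =
    auth.ok && (auth.method === "token" || auth.method === "password");
  return !validatedSharedSecret;
}

// Handshake decision; `fixed` selects which device-identity rule is applied.
function handleConnect(params: ConnectParams, viaTailscale: boolean, fixed: boolean): Decision {
  const auth = authenticate(params, viaTailscale);
  if (!auth.ok) return "rejected:auth";
  const needDevice = fixed ? deviceIdentityRequiredFixed(auth) : deviceIdentityRequiredVulnerable(params);
  if (needDevice && !params.device) return "rejected:device-identity";
  return "accepted";
}
```

With a Tailscale-authorized peer that presents a wrong token and no device identity, `handleConnect(p, true, false)` returns `"accepted"` while `handleConnect(p, true, true)` returns `"rejected:device-identity"`.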
How to fix CVE-2026-28472
To remediate CVE-2026-28472, upgrade the affected package to the fixed version listed below.
- `openclaw` (npm): upgrade to 2026.2.2 or later
Is CVE-2026-28472 being exploited?
Low — EPSS is 0.1%, a low estimated probability of exploitation in the wild; exploitation activity has not been observed at scale.
Affected packages (1)
- `openclaw` (npm): all versions < 2026.2.2