CVE-2026-32897

EPSS 0.06%

OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback

發布日:2026/3/3修改日:2026/3/24

描述

## Vulnerability OpenClaw reused `gateway.auth.token` (and `gateway.remote.token`) as a fallback hash secret for owner-ID prompt obfuscation when `commands.ownerDisplay=hash` and `commands.ownerDisplaySecret` was unset. This created secret dual-use between gateway authentication and prompt metadata hashing. ## Impact - Auth-secret dual-use across security domains (gateway auth and prompt metadata hashing). - Hash outputs are visible to third-party model providers in system prompts. - No direct plaintext token disclosure. - Practical risk is highest when operators use weak gateway tokens and leave owner hash secret unset. ## Affected Packages / Versions - Package: `openclaw` (npm) - Latest affected published version: `2026.2.21-2` - Vulnerable range: `<= 2026.2.21-2` - Patched version (planned next release): `2026.2.22` ## Affected Components - `src/agents/cli-runner/helpers.ts` - `src/agents/pi-embedded-runner/run/attempt.ts` - `src/agents/pi-embedded-runner/compact.ts` ## Remediation - Added a shared owner-display resolver and secret-generation helper. - Removed fallback to `gateway.auth.token` and `gateway.remote.token`. - Auto-generates and persists a dedicated `commands.ownerDisplaySecret` when hash mode is enabled and secret is missing. ## Fix Commit(s) - c99e7696e6893083b256f0a6c88fb060f3a76fb7 ## Release Process Note `patched_versions` is pre-set to the planned next release (`2026.2.22`). Once npm release `2026.2.22` is published, this advisory only needs to be published. OpenClaw thanks @aether-ai-agent for reporting.

受影響套件(1)

CVSS 分數

來源版本嚴重程度向量
osvCVSS 4.0CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

參考連結(5)