CVE-2026-28472
Published: 05 March 2026
Summary
CVE-2026-28472 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in OpenClaw. Its CVSS v3.1 base score is 8.1 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 18.4th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-3 (Device Identification and Authentication).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- IA-3 (Device Identification and Authentication): requires device identification and authentication before a connection is established, directly preventing the bypass of device identity checks in the WebSocket handshake via an unvalidated auth.token.
- AC-3 (Access Enforcement): enforces approved authorizations for access to system resources, mitigating unauthorized gateway connections that result from skipped identity validation.
- IA-5 (Authenticator Management): mandates management and validation of authenticators such as auth.token, addressing the flaw where a presence check substitutes for proper token validation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a remote authentication bypass (CWE-306) in an exposed WebSocket gateway handshake, directly enabling initial access by exploiting a public-facing application without valid credentials or device pairing.
NVD Description
OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake in which it allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity or pairing by exploiting the presence check instead of validation, potentially gaining operator access in vulnerable deployments.
Deeper analysis
CVE-2026-28472 is a vulnerability in OpenClaw versions prior to 2026.2.2, affecting the gateway WebSocket connect handshake. The flaw allows skipping device identity checks when an auth.token is present but not properly validated, as the implementation relies on a presence check rather than full validation. This issue is classified under CWE-306 (Missing Authentication for Critical Function) and carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
Remote attackers with no privileges can exploit this vulnerability over the network by supplying an arbitrary auth.token during the WebSocket handshake; because the gateway checks only that the field is present, the device identity and pairing requirements are skipped. Successful exploitation yields an unauthenticated connection to the gateway and, in vulnerable deployments, potentially operator access. The CVSS vector rates attack complexity as High (AC:H) while requiring no privileges (PR:N) and no user interaction (UI:N).
Advisories and the associated GitHub commit (fe81b1d7125a014b8280da461f34efbf5f761575) indicate that mitigation involves updating to OpenClaw version 2026.2.2 or later, where proper token validation and device identity checks are enforced in the gateway WebSocket handshake. Additional details are available in the GitHub security advisory (GHSA-rv39-79c4-7459) and Vulncheck advisory.
Details
- CWE(s)