CVE-2026-35653
Published: 10 April 2026
Summary
CVE-2026-35653 is a high-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw. Its CVSS v3.1 base score is 8.1 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Data Destruction (T1485). The CVE is ranked at the 14.6th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-24 (Access Control Decisions).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
AC-3 mandates enforcement of approved authorizations for access to system resources, directly preventing the incorrect authorization bypass in the POST /reset-profile endpoint.
AC-6 enforces least privilege, so that a caller holding only operator.write on the browser.request surface cannot cross the privilege boundary to perform profile mutations such as a reset.
AC-24 requires explicit access control decisions for system resources, mitigating flawed authorization checks that allow profile reset actions.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables an unauthorized profile reset, which directly produces a service stop (the running browser and its Playwright connections are terminated) and data destruction (profile directories are moved to Trash).
NVD Description
OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile through the browser.request surface to stop the running browser, close Playwright connections, and move profile directories to Trash, crossing intended privilege boundaries.
Deeper analysis
CVE-2026-35653 is an incorrect authorization vulnerability (CWE-863) affecting OpenClaw versions prior to 2026.3.24, specifically in the POST /reset-profile endpoint. This flaw allows authenticated callers with operator.write access to the browser.request surface to bypass intended profile mutation restrictions, enabling actions that cross privilege boundaries. The vulnerability has a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H), highlighting its high impact on integrity and availability with network accessibility and low prerequisite privileges.
An attacker with authenticated access and operator.write permissions on browser.request can exploit this by invoking the POST /reset-profile endpoint through the browser.request interface. Successful exploitation stops the running browser, closes Playwright connections, and moves profile directories to Trash, disrupting operations and potentially causing data loss or denial of service without requiring user interaction.
The fix is in OpenClaw GitHub commits 4dcc39c25c6cc63fedfd004f52d173716576fcf0 and e7d11f6c33e223a0dd8a21cfe01076bd76cef87a; practitioners should apply it by upgrading to version 2026.3.24 or later. Additional details are available in the GitHub security advisory GHSA-xp9r-prpg-373r and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-incorrect-authorization-in-post-reset-profile-via-browser-request.
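The pattern behind this CVE, and the AC-3/AC-24 controls listed above, are easier to see in code than in prose. The following TypeScript is an added illustration written for this page; it is not OpenClaw's code and does not reproduce the actual fix. The scope names (operator.write, operator.admin), the route table, the Caller and Decision shapes, and every function here are hypothetical stand-ins. A gateway exposes a direct profile-reset route that checks for the mutation scope, and a generic browser.request proxy that forwards a method and path to an internal browser server. The vulnerable proxy checks only the generic scope and then forwards anything, so the direct route's check never runs; the hardened proxy routes both surfaces through one authorization decision computed on the normalized target that will actually be forwarded.

```typescript
// Added illustration of CWE-863 on a proxied surface. NOT OpenClaw's code:
// scope names, route table, Caller/Decision shapes and all functions are
// hypothetical stand-ins for the pattern described in the advisory.

type Scope = "operator.read" | "operator.write" | "operator.admin";

interface Caller {
  id: string;
  scopes: ReadonlySet<Scope>;
}

interface Decision {
  allowed: boolean;
  reason: string;
  effects: string[]; // side effects that would have run (demonstration only)
}

// Hypothetical policy: profile mutations need operator.admin; plain
// browser.request forwarding needs only operator.write.
const MUTATING_ROUTES: ReadonlyArray<{ method: string; path: string; scope: Scope }> = [
  { method: "POST", path: "/reset-profile", scope: "operator.admin" },
];

// Minimal path normaliser: drop the query string, collapse repeated slashes,
// strip a trailing slash. The check must see the same path the browser
// server will route on, or "/reset-profile/?x=1" slips past the rule.
function normalizePath(raw: string): string {
  const noQuery = (raw.split("?")[0] ?? "").replace(/\/{2,}/g, "/");
  return noQuery.length > 1 ? noQuery.replace(/\/$/, "") : noQuery;
}

// The single access-control decision (AC-24) for any browser-side action.
// Returns a denial reason, or null when the caller is authorised.
function authorizeBrowserAction(caller: Caller, method: string, path: string): string | null {
  const rule = MUTATING_ROUTES.find(
    (r) => r.method === method.toUpperCase() && r.path === normalizePath(path),
  );
  if (rule && !caller.scopes.has(rule.scope)) {
    return `${rule.scope} required for ${rule.method} ${rule.path}`;
  }
  return null;
}

// Stand-in for the internal browser control server and the effects the
// advisory names for a reset.
function browserServer(method: string, path: string): string[] {
  if (method.toUpperCase() === "POST" && normalizePath(path) === "/reset-profile") {
    return ["stop browser", "close Playwright connections", "move profile directories to Trash"];
  }
  return [`${method.toUpperCase()} ${normalizePath(path)}`];
}

// Direct route: the mutation check is applied here.
function directResetProfile(caller: Caller): Decision {
  const denial = authorizeBrowserAction(caller, "POST", "/reset-profile");
  if (denial) return { allowed: false, reason: `direct: ${denial}`, effects: [] };
  return { allowed: true, reason: "direct: authorised", effects: browserServer("POST", "/reset-profile") };
}

// VULNERABLE proxy: checks only the generic scope, then forwards anything,
// so the direct route's mutation check never runs (the CWE-863 pattern).
function vulnerableBrowserRequest(caller: Caller, method: string, path: string): Decision {
  if (!caller.scopes.has("operator.write")) {
    return { allowed: false, reason: "proxy: operator.write required", effects: [] };
  }
  return { allowed: true, reason: "vulnerable proxy: forwarded", effects: browserServer(method, path) };
}

// HARDENED proxy: same generic check, then the same decision the direct
// route makes, computed on the target that will actually be forwarded (AC-3).
function hardenedBrowserRequest(caller: Caller, method: string, path: string): Decision {
  if (!caller.scopes.has("operator.write")) {
    return { allowed: false, reason: "proxy: operator.write required", effects: [] };
  }
  const denial = authorizeBrowserAction(caller, method, path);
  if (denial) return { allowed: false, reason: `hardened proxy: ${denial}`, effects: [] };
  return { allowed: true, reason: "hardened proxy: forwarded", effects: browserServer(method, path) };
}

function makeCaller(id: string, ...scopes: Scope[]): Caller {
  return { id, scopes: new Set(scopes) };
}

// Drive all three surfaces with an operator.write-only caller, using a
// lower-cased method and a path variant to show why normalisation matters.
function demo(): Record<string, Decision> {
  const writer = makeCaller("writer", "operator.write");
  return {
    direct: directResetProfile(writer),
    vulnerable: vulnerableBrowserRequest(writer, "post", "/reset-profile/?force=1"),
    hardened: hardenedBrowserRequest(writer, "post", "/reset-profile/?force=1"),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The design point is that the proxy is just another entry path to the same resource: an authorization check attached to the route handler protects nothing if a second surface can reach the handler's effect without passing through it. Making the decision a single function keyed on the resolved target, and calling it from every surface, is what AC-24 asks for; running it on the normalized method and path the downstream server will actually dispatch on closes the obvious variant bypasses.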
Details
- CWE(s)