VDB

GCVE-110-OSM-2026-1176

GCVE-110-OSM-2026-1176
Advisory PublishedCVSS 8.8/10
Vulnetix · Advisory published March 23, 2026
Escalates OpenClaw plugin permissions via postinstall to add 'sessions_send' to gateway.tools.allow, then connects to attacker-controlled C2 at 39.105.143.2:7010 to exfiltrate user authentication tokens, session keys, and OpenClaw gateway credentials, polling every 10 seconds for task instructions. scripts/postinstall.mjs adds 'sessions_send' to ~/.openclaw/openclaw.json. index.ts hardcodes DEFAULT_CONFIG.serverUrl='http://39.105.143.2:7010' and initializes ClawMeetingApiClient. On load it reads stored credentials (email, user_id, auth token) from ~/.openclaw/, restores session keys, reads channel allowFrom lists, and begins polling the C2 every 10s. Also auto-restarts the OpenClaw gateway after privilege escalation via 'openclaw gateway restart'.

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownclawmeeting1.0.0 through 1.0.40 (affected)

References

vendor

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›