CVE-2026-41909 Overview
CVE-2026-41909 is an improper authorization vulnerability (CWE-863) affecting OpenClaw versions prior to 2026.4.20. The flaw is in the pairing-management functionality exposed to paired devices: a limited-scope session can enumerate pending pairing requests outside its authorized scope and act on them. An attacker holding paired-device access can therefore approve or otherwise operate on unrelated pending device requests within the same gateway scope, undermining the integrity of the device pairing workflow.
Critical Impact
An attacker with an authenticated paired-device session can approve or reject pairing requests for devices they do not own. That allows unauthorized devices to be admitted to the gateway and can be used to extend the attacker's foothold within the gateway deployment.
Affected Products
- OpenClaw versions before 2026.4.20
Discovery Timeline
- 2026-04-23 - CVE-2026-41909 published to NVD
- 2026-04-23 - Last updated in NVD database
Technical Details for CVE-2026-41909
Vulnerability Analysis
This vulnerability represents a classic broken access control issue where session scope boundaries are not properly enforced during paired-device pairing operations. The flaw allows a session with limited-scope paired-device access to enumerate pending pairing requests beyond its authorized device context and perform actions on those requests.
The core issue stems from insufficient validation of the authentication context when processing pairing actions. Prior to the patch, the system did not distinguish between device-token authenticated sessions and other session types when authorizing pairing operations. This allowed sessions to act on pairing requests for devices they should not have access to, as long as those devices existed within the same gateway scope.
Root Cause
The root cause is the absence of proper authorization checks to verify that a paired-device session is only permitted to operate on pairing requests associated with its own device identity. The system failed to track and enforce whether a session was authenticated via device-token, allowing broader access than intended to pairing management functionality.
Attack Vector
This is a network-accessible vulnerability requiring low-privilege authenticated access. An attacker who has already established a paired-device session can:
- Enumerate pending pairing requests within the gateway scope
- Approve or reject pairing requests for devices they do not own
- Potentially establish unauthorized device pairings that could be leveraged for further access
The attack requires prior authentication as a paired device, limiting the attack surface to scenarios where an attacker has already compromised or legitimately controls at least one paired device.
The fix introduces an isDeviceTokenAuth flag so that the session records how it authenticated and the pairing handlers can enforce the scope restriction. The excerpts below show only where the flag is declared and where it is set, not the check that consumes it. First, the flag is added to the session type:
canvasHostUrl?: string;
canvasCapability?: string;
canvasCapabilityExpiresAtMs?: number;
+ isDeviceTokenAuth?: boolean;
internal?: {
allowModelOverride?: boolean;
};
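Review bot: making isDeviceTokenAuth an optional boolean means every other place this object is constructed leaves it undefined, and undefined reads as "not a device-token session" in any `if (!isDeviceTokenAuth)` style check, i.e. as the broader scope. If the authorization path treats non-device-token sessions as having gateway-wide access, a required field (or a required authMethod discriminator) is safer, since the compiler then forces each construction site to set it. Also worth a doc comment on the field stating that it gates pairing-management scope, since the name alone reads as informational.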
Source: GitHub Commit Changes
The flag is then set during WebSocket connection handling, from the authentication method established for the connection, so that device-token authenticated sessions are identified:
socket,
connect: connectParams,
connId,
+ isDeviceTokenAuth: authMethod === "device-token",
usesSharedGatewayAuth,
sharedGatewaySessionGeneration,
presenceKey,
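Review bot: `isDeviceTokenAuth: authMethod === "device-token"` compares against a bare string literal; unless authMethod is typed as a string-literal union, a typo here compiles and silently yields false, which classifies the session as not device-token authenticated and so grants it the broader scope. Suggest a named constant or union type for the auth method values. This hunk also only records the method; the check that restricts pairing list and approve/reject calls to the session's own device identity is not in the excerpt and should be confirmed in the pairing handler before treating the flag as an enforcement point.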
Source: GitHub Commit Changes
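As an added example that is not OpenClaw code and is not taken from the commit above, the following TypeScript models the authorization decision the flag is meant to drive: the pre-fix check that compares only the gateway scope, beside a hardened check that additionally binds a device-token session to its own device identity, and the list and approve paths that both go through that predicate. Only the isDeviceTokenAuth flag comes from the commit; the PairingRequest and Session shapes, the deviceId field, the function names and the sample data are assumptions.

```typescript
// Added example, not OpenClaw code. Models the authorization decision for
// pairing operations. Only the isDeviceTokenAuth flag comes from the fix
// commit; every other type, field and function name here is hypothetical.

type PairingStatus = "pending" | "approved" | "rejected";

type PairingRequest = {
  id: string;
  gatewayId: string;   // gateway scope the request belongs to (assumed field)
  deviceId: string;    // device the request is for (assumed field)
  status: PairingStatus;
};

type Session = {
  gatewayId: string;
  deviceId?: string;            // identity behind a device-token session (assumed field)
  isDeviceTokenAuth?: boolean;  // recorded at connect time by the fix
};

type Authz = (session: Session, req: PairingRequest) => boolean;

// Pre-fix behaviour (CWE-863): only the gateway scope is compared, so any
// paired-device session sees and can act on every request in its gateway.
function canActVulnerable(session: Session, req: PairingRequest): boolean {
  return req.gatewayId === session.gatewayId;
}

// Post-fix behaviour: a device-token session is confined to the request that
// carries its own device identity. Sessions that are not device-token
// authenticated keep gateway-wide access (an assumption about operator sessions).
function canActFixed(session: Session, req: PairingRequest): boolean {
  if (req.gatewayId !== session.gatewayId) return false;
  if (session.isDeviceTokenAuth) {
    return session.deviceId !== undefined && session.deviceId === req.deviceId;
  }
  return true;
}

// Enumeration: filtering with the authz predicate is what keeps a
// limited-scope session from seeing other devices' pending requests.
function listPending(session: Session, store: PairingRequest[], authz: Authz): PairingRequest[] {
  return store.filter((r) => r.status === "pending" && authz(session, r));
}

// Action: the same predicate gates approve/reject, so a request id learned
// out of band (or guessed) cannot be acted on outside the session's scope.
function setStatus(session: Session, store: PairingRequest[], id: string,
                   status: PairingStatus, authz: Authz): PairingRequest {
  const req = store.find((r) => r.id === id);
  if (req === undefined) throw new Error(`pairing request ${id} not found`);
  if (!authz(session, req)) throw new Error(`pairing request ${id} is outside the session's scope`);
  req.status = status;
  return req;
}

// Constructed sample data: two pending requests in gw-1, one in gw-2.
function sampleStore(): PairingRequest[] {
  return [
    { id: "req-1", gatewayId: "gw-1", deviceId: "dev-A", status: "pending" },
    { id: "req-2", gatewayId: "gw-1", deviceId: "dev-B", status: "pending" },
    { id: "req-3", gatewayId: "gw-2", deviceId: "dev-C", status: "pending" },
  ];
}

// Session held by (or stolen from) paired device dev-A in gw-1.
const deviceASession: Session = { gatewayId: "gw-1", deviceId: "dev-A", isDeviceTokenAuth: true };

// Usage: what dev-A's session can see before and after the fix.
console.log(listPending(deviceASession, sampleStore(), canActVulnerable).map((r) => r.id)); // both gw-1 requests
console.log(listPending(deviceASession, sampleStore(), canActFixed).map((r) => r.id));      // only req-1
```

The point of routing both the list and the approve/reject paths through one predicate is that fixing only the listing would leave the action path exploitable by anyone who learns a request id another way; the scope check has to sit on the action itself.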
Detection Methods for CVE-2026-41909
Indicators of Compromise
- Unusual pairing request approvals from device sessions that don't match the target device identity
- Multiple device pairing operations originating from a single paired-device session
- Pairing requests being enumerated or acted upon by sessions with mismatched device tokens
Detection Strategies
- Monitor gateway logs for pairing operations where the acting device ID differs from the target device ID
- Implement alerting for sessions that enumerate multiple pending pairing requests in rapid succession
- Audit device pairing approval events for anomalies in session-to-device ownership relationships
Monitoring Recommendations
- Enable detailed logging for all paired-device pairing management API calls
- Track the relationship between authenticated device sessions and their permitted scope of operations
- Review gateway access logs for patterns indicating scope boundary violations
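The detection strategies above, as an added example that is not OpenClaw code or OpenClaw log output: a small TypeScript analyzer run over constructed gateway log lines in an assumed key=value format. The field names (gateway, conn, auth, device, op, target), the op names and the thresholds are assumptions to be mapped onto the real gateway log schema. It implements the three checks a practitioner would want: a device-token session acting on a request for a different device, a burst of enumeration calls from one session, and multiple pairing actions from one session.

```typescript
// Added detection example, not OpenClaw code. The log line format, field
// names and thresholds below are assumptions for illustration; adapt them
// to the actual gateway log schema.

type LogEvent = {
  ts: number;        // epoch milliseconds
  gateway: string;
  conn: string;      // connection / session id
  auth: string;      // e.g. "device-token" (assumed value)
  device: string;    // identity of the acting device
  op: string;        // assumed: pairing.list, pairing.approve, pairing.reject
  target?: string;   // device the pairing request belongs to
};

type Finding = { rule: string; conn: string; detail: string };

// Parse "<ISO timestamp> key=value key=value ..." (assumed format).
function parseLine(line: string): LogEvent | null {
  const [tsText, ...rest] = line.trim().split(/\s+/);
  const ts = Date.parse(tsText);
  if (Number.isNaN(ts)) return null;
  const kv: Record<string, string> = {};
  for (const tok of rest) {
    const i = tok.indexOf("=");
    if (i > 0) kv[tok.slice(0, i)] = tok.slice(i + 1);
  }
  if (!kv.gateway || !kv.conn || !kv.auth || !kv.device || !kv.op) return null;
  return { ts, gateway: kv.gateway, conn: kv.conn, auth: kv.auth, device: kv.device, op: kv.op, target: kv.target };
}

const ACTION_OPS = new Set(["pairing.approve", "pairing.reject"]);
const ENUM_WINDOW_MS = 60000;  // assumed window for "rapid succession"
const ENUM_THRESHOLD = 3;      // assumed number of list calls in that window
const ACTION_THRESHOLD = 2;    // assumed number of pairing actions per session

function analyze(lines: string[]): Finding[] {
  const events = lines.map((l) => parseLine(l))
    .filter((e): e is LogEvent => e !== null)
    .sort((a, b) => a.ts - b.ts);
  const findings: Finding[] = [];
  const listTimes = new Map<string, number[]>();
  const actionCount = new Map<string, number>();

  for (const e of events) {
    if (e.auth !== "device-token") continue; // operator sessions are out of scope for this CVE

    if (ACTION_OPS.has(e.op)) {
      // Rule 1: acting device differs from the device the request belongs to.
      if (e.target !== undefined && e.target !== e.device) {
        findings.push({ rule: "scope-mismatch", conn: e.conn, detail: `${e.device} ${e.op} on ${e.target}` });
      }
      // Rule 2: several pairing actions from a single paired-device session.
      const n = (actionCount.get(e.conn) ?? 0) + 1;
      actionCount.set(e.conn, n);
      if (n === ACTION_THRESHOLD) {
        findings.push({ rule: "multi-action-session", conn: e.conn, detail: `${n} pairing actions` });
      }
    } else if (e.op === "pairing.list") {
      // Rule 3: burst of enumeration calls inside the sliding window.
      const times = (listTimes.get(e.conn) ?? []).filter((t) => e.ts - t <= ENUM_WINDOW_MS);
      times.push(e.ts);
      listTimes.set(e.conn, times);
      if (times.length === ENUM_THRESHOLD) {
        findings.push({ rule: "enumeration-burst", conn: e.conn, detail: `${times.length} list calls in ${ENUM_WINDOW_MS / 1000}s` });
      }
    }
  }
  return findings;
}

// Constructed sample log lines (not real OpenClaw output). Session c7 is a
// device-token session for dev-A that enumerates, then acts on dev-B and dev-C.
const SAMPLE_LOG = [
  "2026-04-24T10:00:00Z gateway=gw-1 conn=c7 auth=device-token device=dev-A op=pairing.list",
  "2026-04-24T10:00:05Z gateway=gw-1 conn=c7 auth=device-token device=dev-A op=pairing.list",
  "2026-04-24T10:00:09Z gateway=gw-1 conn=c7 auth=device-token device=dev-A op=pairing.list",
  "2026-04-24T10:00:12Z gateway=gw-1 conn=c7 auth=device-token device=dev-A op=pairing.approve target=dev-B",
  "2026-04-24T10:00:15Z gateway=gw-1 conn=c7 auth=device-token device=dev-A op=pairing.reject target=dev-C",
  "2026-04-24T10:01:00Z gateway=gw-1 conn=c9 auth=operator device=admin op=pairing.approve target=dev-D",
  "2026-04-24T10:02:00Z gateway=gw-1 conn=c3 auth=device-token device=dev-E op=pairing.approve target=dev-E",
];

for (const f of analyze(SAMPLE_LOG)) console.log(`${f.rule} conn=${f.conn}: ${f.detail}`);
```

Rule 1 is the high-confidence signal: on a patched gateway it should never fire for a device-token session, so any hit after upgrading indicates either a bypass or a log field mapped wrongly. Rules 2 and 3 are noisier and are best used to prioritise which sessions to review in the pairing audit.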
How to Mitigate CVE-2026-41909
Immediate Actions Required
- Upgrade OpenClaw to version 2026.4.20 or later immediately
- Review recent device pairing logs for unauthorized approval activity
- Revoke and regenerate device tokens for any devices where unauthorized pairing may have occurred
Patch Information
The vulnerability is addressed in OpenClaw version 2026.4.20. The fix introduces proper tracking of device-token authentication via the isDeviceTokenAuth flag, ensuring that paired-device sessions can only act on pairing requests associated with their own device identity. Detailed patch information is available in the GitHub Commit Changes and GitHub Security Advisory.
Workarounds
- Restrict network access to the gateway's pairing management endpoints to trusted networks only. This narrows exposure but does not remove the flaw: the attacker is an already-authenticated paired device, so a compromised device inside the trusted network can still exploit it until the patch is applied
- Implement additional monitoring and alerting on pairing operations until the patch can be applied
- Consider temporarily disabling automated pairing approval workflows for sensitive gateway deployments
# Example: restrict the gateway listener to a trusted subnet. Port 8443 is an assumed
# placeholder; substitute the port your OpenClaw gateway actually listens on. Rules are
# inserted at the head of INPUT so an earlier broad ACCEPT rule cannot shadow the DROP.
TRUSTED_NET=192.0.2.0/24   # replace with your management subnet (RFC 5737 example range)
iptables -I INPUT 1 -p tcp --dport 8443 -s "$TRUSTED_NET" -j ACCEPT
iptables -I INPUT 2 -p tcp --dport 8443 -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

