CVE-2026-25474
📋 TL;DR
OpenClaw versions 2026.1.30 and earlier have an authentication bypass in Telegram webhook mode. When channels.telegram.webhookSecret is not configured, the webhook handler accepts incoming POSTs without checking the X-Telegram-Bot-Api-Secret-Token header that Telegram uses to carry the secret, so anyone who can reach the endpoint can submit forged updates as if they came from Telegram. Only deployments that run Telegram in webhook mode with the webhook endpoint reachable by the attacker are affected.
💻 Affected Systems
- OpenClaw
📦 What is this software?
OpenClaw by OpenClaw (https://github.com/openclaw/openclaw)
⚠️ Risk & Real-World Impact
Worst Case
Attackers could send forged Telegram updates to execute arbitrary bot commands, potentially leading to data exfiltration, unauthorized system access, or malicious actions depending on bot capabilities.
Likely Case
Attackers spoof message origins to send unauthorized commands, potentially triggering unintended bot responses or accessing restricted functionality.
If Mitigated
With proper webhook secret validation, only legitimate Telegram updates are processed, preventing unauthorized command execution.
🎯 Exploit Status
Exploitation requires only network access to the webhook endpoint and knowledge of its URL. No credentials are needed: with no secret configured, no check is performed, so a plain HTTP POST with a crafted Telegram update body is enough.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2026.2.1
Vendor Advisory: https://github.com/openclaw/openclaw/releases/tag/v2026.2.1
Restart Required: Yes
Instructions:
1. Update OpenClaw to version 2026.2.1 or later.
2. Restart the OpenClaw service.
3. Verify that channels.telegram.webhookSecret is configured if Telegram webhook mode is in use.
🔧 Temporary Workarounds
Configure webhookSecret
Set channels.telegram.webhookSecret to a secure random value to enable Telegram secret token validation. Telegram only accepts 1-256 characters from A-Z, a-z, 0-9, _ and - for this value, and only sends it back (in the X-Telegram-Bot-Api-Secret-Token header) for a webhook registered with that secret, so restart OpenClaw after changing it and confirm that a POST without the header is rejected.
Edit the OpenClaw configuration file and set: channels.telegram.webhookSecret = "your-secure-random-value"
Disable Telegram webhook mode
Switch to polling mode, or disable the Telegram integration entirely if webhook mode is not required.
Remove or comment out channels.telegram.webhookUrl configuration
🧯 If You Can't Patch
- Restrict network access to the webhook endpoint using firewall rules or network segmentation. Telegram documents 149.154.160.0/20 and 91.108.4.0/22 as the source ranges for its webhook traffic; allow-list those and re-check Telegram's webhook guide for changes.
- Put a reverse proxy or WAF in front of OpenClaw that refuses webhook POSTs lacking the X-Telegram-Bot-Api-Secret-Token header (or carrying the wrong value) before they reach OpenClaw. This does not fix the missing check in OpenClaw itself; it only moves enforcement to the proxy.
🔍 How to Verify
Check if Vulnerable:
Check if OpenClaw version is 2026.1.30 or below AND channels.telegram.webhookUrl is configured AND channels.telegram.webhookSecret is not set.
Check Version:
Check OpenClaw configuration file or run: openclaw --version
Verify Fix Applied:
Verify that the OpenClaw version is 2026.2.1 or later AND, if Telegram webhook mode is in use, that channels.telegram.webhookSecret is set. As a functional check, send a test POST to the webhook endpoint without the X-Telegram-Bot-Api-Secret-Token header and confirm it is rejected rather than processed.
📡 Detection & Monitoring
Log Indicators:
- Webhook requests without valid Telegram secret token headers
- Unusual command execution patterns from unexpected Telegram user IDs
Network Indicators:
- HTTP POST requests to the /webhook/telegram endpoint from addresses outside the source ranges Telegram documents for webhook traffic. Behind a reverse proxy, take the client address from the forwarded-for header set by your own trusted proxy, not from the TCP peer.
SIEM Query (assumes OpenClaw or the fronting proxy logs request header names; adjust the source and field names to your log pipeline):
source="openclaw.log" AND ("webhook" AND "telegram") AND NOT "X-Telegram-Bot-Api-Secret-Token"
🔗 References
- https://github.com/openclaw/openclaw/commit/3cbcba10cf30c2ffb898f0d8c7dfb929f15f8930
- https://github.com/openclaw/openclaw/commit/5643a934799dc523ec2ef18c007e1aa2c386b670
- https://github.com/openclaw/openclaw/commit/633fe8b9c17f02fcc68ecdb5ec212a5ace932f09
- https://github.com/openclaw/openclaw/commit/ca92597e1f9593236ad86810b66633144b69314d
- https://github.com/openclaw/openclaw/releases/tag/v2026.2.1
- https://github.com/openclaw/openclaw/security/advisories/GHSA-mp5h-m6qj-6292