CVE-2026-45223
OpenClaw · Crabbox
An authentication bypass vulnerability exists in Crabbox due to improper handling of administrative claims, allowing attackers to escalate privileges.
Executive summary
An authentication bypass flaw in OpenClaw Crabbox allows authenticated users to spoof administrative privileges and compromise system integrity.
Vulnerability
This is an Authentication Bypass by Spoofing (CWE-290) vulnerability. It allows a low-privileged authenticated user to manipulate administrative claims, effectively bypassing intended access controls.
Business impact
The ability to bypass authentication and gain administrative rights poses a severe risk to the confidentiality and integrity of the application. With a CVSS score of 8.8, this vulnerability allows for total technical impact, potentially enabling an attacker to modify configurations, access sensitive data, or disrupt operations.
Remediation
Immediate Action: Update OpenClaw Crabbox to version 0.9.0 or later to apply the necessary security fixes.
Proactive Monitoring: Monitor user activity logs for unusual privilege escalation events or unauthorized administrative actions.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules designed to detect and block malicious manipulation of session tokens or administrative claims.
Exploitation status
Public Exploit Available: No confirmed public exploit (Metasploit/ExploitDB).
Analyst recommendation
Given the potential for complete control over the Crabbox instance, organizations should treat this update as a high priority. Ensure the patch to version 0.9.0 is applied promptly to prevent unauthorized administrative access.