CVE-2026-62208 in OpenClaw
Summary
by MITRE • 07/17/2026
OpenClaw before 2026.6.5 could forward Authorization headers during MCP SSE redirects. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization. Impact depends on the operator's configuration and whether lower-trust input can reach the affected path.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 07/17/2026
The vulnerability in OpenClaw versions prior to 2026.6.5 represents a critical authorization bypass flaw that stems from improper handling of Authorization headers during Server-Side Events (SSE) redirects. This issue falls under the Common Weakness Enumeration category of CWE-285, which deals with improper authorization mechanisms in software systems. The vulnerability specifically manifests when the MCP SSE redirect functionality is enabled and accessible, creating a pathway for malicious actors to escalate their privileges through manipulated header forwarding.
The technical implementation flaw occurs at the HTTP request processing layer where Authorization headers are automatically forwarded during redirect operations without proper validation or sanitization. This behavior creates a scenario where a lower-privileged user or attacker with access to specific input paths can manipulate the authorization context of subsequent requests. The vulnerability exploits the trust relationship between different system components, allowing unauthorized actions to be executed or persisted beyond what the original caller should have been authorized to perform.
From an operational impact perspective, this vulnerability creates significant security risks for organizations relying on OpenClaw's MCP SSE functionality. The severity of impact varies considerably based on the operator's specific configuration choices and the attack surface available to potential adversaries. If lower-trust input sources can reach the affected paths, attackers may gain unauthorized access to sensitive resources or perform administrative actions that should be restricted to higher-privileged users. This authorization bypass can lead to data breaches, privilege escalation, and potential system compromise depending on the scope of accessible resources.
Mitigation strategies should focus on implementing proper header validation and sanitization mechanisms before forwarding Authorization headers during redirect operations. Organizations should disable MCP SSE redirect functionality if not strictly required, or implement additional access controls and input validation measures to prevent unauthorized path traversal. The solution aligns with ATT&CK technique T1078 which addresses valid accounts and privilege escalation through improper configuration management. Regular security assessments and configuration reviews are essential to ensure that authorization boundaries remain intact and that no unintended trust relationships exist between system components processing sensitive authentication information.