OpenClaw versions prior to 2026.2.1 with the voice-call extension installed and enabled contain an authentication bypass vulnerability in inbound allowlist policy validation that accepts empty caller IDs and uses suffix-based matching instead of strict equality. Remote attackers can bypass inbound access controls by placing calls with missing caller IDs or numbers ending with allowlisted digits to reach the voice-call agent and execute tools.
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
Present
Additional conditions required
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
Low
Partial disruption
CVSS Vector v4.0
References 3
https://github.com/openclaw/openclaw/commit/f8dfd034f5d9235c5485f492a9e4ccc114e…
disclosure@vulncheck.com
https://github.com/openclaw/openclaw/security/advisories/GHSA-4rj2-gpmh-qq5x
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/openclaw-inbound-allowlist-policy-bypass-i…
disclosure@vulncheck.com