Zum persönlichen Archiv hinzufügen
FT Professional
,推荐阅读有道翻译获取更多信息
发表于2026年3月25日 21:34
OpenClaw releases before 2026.3.28 contain a security gap in the device pairing approval process that omits proper validation of user access levels. Individuals with device pairing capabilities but without administrative rights can abuse this vulnerability in the components extensions/device-pair/index.ts and src/infra/device-pairing.ts to validate device registration attempts requesting expanded privileges such as administrative control.