GHSA-rqpp-rjj8-7wv8: OpenClaw: WebSocket shared-auth connections could self-declare elevated scopes

Severity: Critical

CVSS Score: 10

### Summary

A logic flaw in the OpenClaw gateway WebSocket connect path allowed certain device-less shared-token or password-authenticated backend connections to keep client-declared scopes without server-side binding. A shared-authenticated client could present elevated scopes such as `operator.admin` even though those scopes were not tied to a device identity or an explicitly trusted Control UI path.

### Impact

This crossed the intended authorization boundary and could let a shared-secret-authenticated backend client perform admin-only gateway operations.

### Affected versions

`openclaw` `<= 2026.3.11`

### Patch

Fixed in `openclaw` `2026.3.12`. The gateway now clears unbound scopes for non-Control-UI shared-auth connections, and regression tests cover the device-less shared-auth path.
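The pattern the advisory describes, as an added illustration that is not OpenClaw's code: a connect handler that trusts client-declared scopes for device-less shared-auth connections, beside one that only keeps scopes the server can bind to a device identity or an explicitly trusted Control UI path. The request shape, the `DEVICE_SCOPES` registry, the device ids and the function names are all constructed for this example; only the `operator.admin` scope name comes from the advisory.

```typescript
// Added example, not OpenClaw's code. Types, names and the device table are constructed.

type AuthMode = "device" | "shared-token" | "password";

interface ConnectRequest {
  authMode: AuthMode;
  deviceId?: string;          // present only for device-authenticated clients
  controlUiTrusted: boolean;  // set by the server only for an explicitly trusted Control UI path
  declaredScopes: string[];   // scopes the client asks for in its connect frame
}

// Constructed server-side registry: scopes each enrolled device was granted at pairing time.
const DEVICE_SCOPES: Record<string, readonly string[]> = {
  "dev-constructed-001": ["operator.admin"],
  "dev-constructed-002": [],
};

// Intersect what the client declared with what the server granted to that device.
function bindToDevice(deviceId: string, declared: string[]): string[] {
  const granted = DEVICE_SCOPES[deviceId] ?? [];
  return declared.filter((s) => granted.includes(s));
}

// Vulnerable shape: device-bound clients are checked, but device-less shared-token or
// password connections keep whatever scopes they declared.
function resolveScopesVulnerable(req: ConnectRequest): string[] {
  if (req.authMode === "device" && req.deviceId) {
    return bindToDevice(req.deviceId, req.declaredScopes);
  }
  // BUG: nothing on the server side binds these scopes to an identity it trusts.
  return [...req.declaredScopes];
}

// Hardened shape: a declared scope survives only if the server can bind it to a device
// identity or the connection arrived over an explicitly trusted Control UI path.
// Any other shared-auth connection has its unbound scopes cleared.
function resolveScopesHardened(req: ConnectRequest): string[] {
  if (req.authMode === "device" && req.deviceId) {
    return bindToDevice(req.deviceId, req.declaredScopes);
  }
  if (req.controlUiTrusted) {
    return [...req.declaredScopes];
  }
  return [];
}

// Gate used by admin-only gateway operations.
function isAdmin(scopes: string[]): boolean {
  return scopes.includes("operator.admin");
}
```

The fix is a default-deny on the one branch the vulnerable version left open: scopes are a server-side decision derived from an identity the server established, never a claim carried in the client's connect frame. A regression test for the device-less shared-auth path, as the advisory mentions, pins that branch so a later refactor cannot reopen it.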