{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/profile-reset/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["OpenClaw"],"_cs_severities":["high"],"_cs_tags":["openclaw","authorization","profile-reset"],"_cs_type":"advisory","_cs_vendors":["OpenClaw"],"content_html":"\u003cp\u003eOpenClaw version 2026.3.22 contains an authorization bypass vulnerability that allows an authenticated user with limited \u003ccode\u003eoperator.write\u003c/code\u003e privileges to perform destructive actions on browser profiles. Specifically, a user with access to the \u003ccode\u003ebrowser.request\u003c/code\u003e Gateway method can send a \u003ccode\u003ePOST\u003c/code\u003e request to the \u003ccode\u003e/reset-profile\u003c/code\u003e endpoint, which is intended for higher-privileged users. This is due to an incomplete fix related to persistent profile management. While the prior fix blocked \u003ccode\u003ePOST /profiles/create\u003c/code\u003e and profile deletion, the latest release omits \u003ccode\u003ePOST /reset-profile\u003c/code\u003e from the same mutation gate. This vulnerability was addressed in OpenClaw version 2026.3.24.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker authenticates to the OpenClaw application with \u003ccode\u003eoperator.write\u003c/code\u003e privileges.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages their access to the \u003ccode\u003ebrowser.request\u003c/code\u003e Gateway method.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a \u003ccode\u003ePOST\u003c/code\u003e request to the \u003ccode\u003e/reset-profile\u003c/code\u003e endpoint. The request body includes the target profile name.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ebrowser.request\u003c/code\u003e method incorrectly forwards the request to the browser route dispatcher due to a missing check in the \u003ccode\u003eisPersistentBrowserProfileMutation(...)\u003c/code\u003e helper.\u003c/li\u003e\n\u003cli\u003eThe exposed browser server route maps \u003ccode\u003e/reset-profile\u003c/code\u003e to \u003ccode\u003eprofileCtx.resetProfile()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eresetProfile()\u003c/code\u003e function is executed, stopping the running browser, closing the Playwright browser connection, and moving the profile's \u003ccode\u003euserDataDir\u003c/code\u003e to Trash.\u003c/li\u003e\n\u003cli\u003eThe target browser profile is reset, leading to data loss and service disruption for the user associated with that profile.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows an attacker with \u003ccode\u003eoperator.write\u003c/code\u003e access to reset arbitrary browser profiles. This results in the targeted browser being stopped, the Playwright browser connection being closed, and the profile's local data directory being moved to the trash. This leads to a loss of persistent browser state, potential data loss, and disruption of service for users relying on the affected browser profiles.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade OpenClaw to version 2026.3.24 or later to patch the vulnerability.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect OpenClaw Unauthorized Profile Reset\u003c/code\u003e to detect exploitation attempts by monitoring for \u003ccode\u003ePOST\u003c/code\u003e requests to \u003ccode\u003e/reset-profile\u003c/code\u003e originating from \u003ccode\u003ebrowser.request\u003c/code\u003e with \u003ccode\u003eoperator.write\u003c/code\u003e privileges.\u003c/li\u003e\n\u003cli\u003eReview the source code locations \u003ccode\u003esrc/gateway/server-methods/browser.ts\u003c/code\u003e and \u003ccode\u003esrc/node-host/invoke-browser.ts\u003c/code\u003e to ensure all profile-management routes are correctly classified and protected.\u003c/li\u003e\n\u003cli\u003eImplement regression testing with a deny control for \u003ccode\u003ePOST /reset-profile\u003c/code\u003e on the \u003ccode\u003ebrowser.request\u003c/code\u003e surface to prevent future regressions.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-02T10:00:00Z","date_published":"2024-01-02T10:00:00Z","id":"https://feed.craftedsignal.io/briefs/2024-01-openclaw-reset-profile/","summary":"OpenClaw version 2026.3.22 allows authenticated users with `operator.write` access to the `browser.request` method to reset persistent browser profiles via a `POST /reset-profile` request due to a missing check in the persistent-profile mutation classifier, leading to data loss and service disruption.","title":"OpenClaw: Unauthorized Profile Reset via browser.request","url":"https://feed.craftedsignal.io/briefs/2024-01-openclaw-reset-profile/"}],"language":"en","title":"CraftedSignal Threat Feed - Profile-Reset","version":"https://jsonfeed.org/version/1.1"}