<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Profile-Reset - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/profile-reset/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Tue, 02 Jan 2024 10:00:00 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/profile-reset/feed.xml" rel="self" type="application/rss+xml"/><item><title>OpenClaw: Unauthorized Profile Reset via browser.request</title><link>https://feed.craftedsignal.io/briefs/2024-01-openclaw-reset-profile/</link><pubDate>Tue, 02 Jan 2024 10:00:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2024-01-openclaw-reset-profile/</guid><description>OpenClaw version 2026.3.22 allows authenticated users with `operator.write` access to the `browser.request` method to reset persistent browser profiles via a `POST /reset-profile` request due to a missing check in the persistent-profile mutation classifier, leading to data loss and service disruption.</description><content:encoded><![CDATA[<p>OpenClaw version 2026.3.22 contains an authorization bypass vulnerability that allows an authenticated user with limited <code>operator.write</code> privileges to perform destructive actions on browser profiles. Specifically, a user with access to the <code>browser.request</code> Gateway method can send a <code>POST</code> request to the <code>/reset-profile</code> endpoint, which is intended for higher-privileged users. This is due to an incomplete fix related to persistent profile management. While the prior fix blocked <code>POST /profiles/create</code> and profile deletion, the latest release omits <code>POST /reset-profile</code> from the same mutation gate. This vulnerability was addressed in OpenClaw version 2026.3.24.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker authenticates to the OpenClaw application with <code>operator.write</code> privileges.</li>
<li>The attacker leverages their access to the <code>browser.request</code> Gateway method.</li>
<li>The attacker crafts a <code>POST</code> request to the <code>/reset-profile</code> endpoint. The request body includes the target profile name.</li>
<li>The <code>browser.request</code> method incorrectly forwards the request to the browser route dispatcher due to a missing check in the <code>isPersistentBrowserProfileMutation(...)</code> helper.</li>
<li>The exposed browser server route maps <code>/reset-profile</code> to <code>profileCtx.resetProfile()</code>.</li>
<li>The <code>resetProfile()</code> function is executed, stopping the running browser, closing the Playwright browser connection, and moving the profile's <code>userDataDir</code> to Trash.</li>
<li>The target browser profile is reset, leading to data loss and service disruption for the user associated with that profile.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of this vulnerability allows an attacker with <code>operator.write</code> access to reset arbitrary browser profiles. This results in the targeted browser being stopped, the Playwright browser connection being closed, and the profile's local data directory being moved to the trash. This leads to a loss of persistent browser state, potential data loss, and disruption of service for users relying on the affected browser profiles.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Upgrade OpenClaw to version 2026.3.24 or later to patch the vulnerability.</li>
<li>Deploy the Sigma rule <code>Detect OpenClaw Unauthorized Profile Reset</code> to detect exploitation attempts by monitoring for <code>POST</code> requests to <code>/reset-profile</code> originating from <code>browser.request</code> with <code>operator.write</code> privileges.</li>
<li>Review the source code locations <code>src/gateway/server-methods/browser.ts</code> and <code>src/node-host/invoke-browser.ts</code> to ensure all profile-management routes are correctly classified and protected.</li>
<li>Implement regression testing with a deny control for <code>POST /reset-profile</code> on the <code>browser.request</code> surface to prevent future regressions.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>openclaw</category><category>authorization</category><category>profile-reset</category></item></channel></rss>