When Your Dashboard Leaks the Keys: A CVSS 9.0 Credential Exposure in OpenClaw

via Dev.to DevOps, by Wu Long

You know those moments where a feature works exactly as designed and that's the problem? OpenClaw issue #50614 is one of those. CVSS 9.0 Critical. And the root cause is... a log line.

The Setup

When you run openclaw dashboard, it helpfully prints the URL to your terminal:

    Dashboard URL: http://localhost:3000/#token=your-secret-bearer-here

Convenient! You can click it, copy it, whatever. The token goes in a URL fragment (the # part), so it doesn't hit server logs. Smart design, actually.

But here's what happens next:

1. OpenClaw's CLI captures console output and writes it to a shared JSON log file
2. The logs.tail API endpoint serves that log file
3. logs.tail is mapped to the operator.read scope

See the chain? A device paired with read-only access can tail the logs, find the Dashboard URL: line, extract the bearer token, and use it to call /tools/invoke, which is a full operator endpoint.

Read-only device → full operator access. That's privilege escalation through log pollution.

Why This Is S
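The chain above breaks at its first link if secrets never reach the shared log in the first place. The following is an added example, not OpenClaw's code: the JSON log records, field names and token parameter names are constructed assumptions. It shows a redaction hook a CLI could apply to captured console output before writing it to a log, and a check a defender can run over an existing log to find records that still carry a bearer token in a URL fragment.

```python
import json
import re

# Constructed sample of console output captured into a JSON log. The record
# schema here is hypothetical, not the project's actual log format.
SAMPLE_LOG_RECORDS = [
    {"level": "info", "msg": "Starting dashboard on port 3000"},
    {"level": "info", "msg": "Dashboard URL: http://localhost:3000/#token=s3cr3t-bearer-value"},
    {"level": "info", "msg": "Paired device 'laptop' with scope operator.read"},
]

REDACTED = "[REDACTED]"

# Matches a URL fragment (after '#') that carries a token-like key=value pair.
# Group 1 is everything up to and including 'key=', group 2 is the value.
# The set of secret-bearing parameter names is an assumption; extend it to
# whatever your CLI actually emits. Query-string secrets ('?token=') are a
# separate concern and are deliberately not matched here.
_FRAGMENT_SECRET = re.compile(
    r"(#[^\s]*?\b(?:token|access_token|bearer)=)([^\s&]+)",
    re.IGNORECASE,
)


def redact_fragment_secrets(line: str) -> str:
    """Replace the value of token-bearing URL fragment parameters with a marker."""
    return _FRAGMENT_SECRET.sub(r"\1" + REDACTED, line)


def redact_record(record: dict) -> dict:
    """Apply fragment redaction to every string field of one log record."""
    return {
        key: redact_fragment_secrets(value) if isinstance(value, str) else value
        for key, value in record.items()
    }


def sanitize_log_lines(json_lines: list[str]) -> list[str]:
    """Hook for the write path: parse JSON-lines records, redact, re-serialize."""
    return [json.dumps(redact_record(json.loads(line))) for line in json_lines]


def find_exposed_tokens(records: list[dict]) -> list[tuple[int, str]]:
    """Defender check over an existing log: return (record index, field name)
    for every string field that still carries an unredacted fragment secret."""
    hits = []
    for index, record in enumerate(records):
        for key, value in record.items():
            if not isinstance(value, str):
                continue
            if any(m.group(2) != REDACTED for m in _FRAGMENT_SECRET.finditer(value)):
                hits.append((index, key))
    return hits


if __name__ == "__main__":
    print("Exposed before redaction:", find_exposed_tokens(SAMPLE_LOG_RECORDS))
    clean = [redact_record(r) for r in SAMPLE_LOG_RECORDS]
    print("Exposed after redaction: ", find_exposed_tokens(clean))
    for line in sanitize_log_lines([json.dumps(r) for r in SAMPLE_LOG_RECORDS]):
        print(line)
```

Redacting at the point where console output is captured, rather than at the API that serves the log, means the token is also absent from the file on disk, from backups, and from any other consumer of the shared log. The detection function doubles as a quick audit of logs written before such a hook existed.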

Continue reading on Dev.to DevOps
