Description
OpenClaw versions 2026.1.14-1 prior to 2026.2.12 contain an improper network binding vulnerability in the Chrome extension (must be installed and enabled) relay server that treats wildcard hosts as loopback addresses, allowing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUrl is configured. Remote attackers can access relay HTTP endpoints off-host to leak service presence and port information, or conduct denial-of-service and brute-force attacks against the relay token header.
Published: 2026-03-05
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Service Disclosure
Action: Patch Immediately
AI Analysis

Impact

The OpenClaw Chrome extension relay server incorrectly treats wildcard host entries as loopback addresses, so the relay HTTP/WS server binds to all network interfaces when a wildcard cdpUrl is configured. This improper network binding lets remote attackers reach the relay endpoints from outside the host, potentially revealing that the service is present and which port it uses. It also enables denial-of-service and brute-force attacks against the relay's authentication token header. The weakness is a classic instance of CWE-1327 (Binding to an Unrestricted IP Address). Only hosts on which the Chrome extension is installed and enabled are at risk; the flaw does not lead to arbitrary code execution but to unauthorized exposure of an internal service.

Affected Systems

The affected product is the OpenClaw application (vendor OpenClaw, product OpenClaw). All releases from 2026.1.14-1 up to, but not including, 2026.2.12 are vulnerable. Users running any of these versions with the Chrome extension enabled are at risk.

Risk and Exploitability

The CVSS score of 6.3 places the vulnerability at moderate severity, and the EPSS score of less than 1% indicates a very low exploitation probability at the time of this analysis. Exploitation requires that the victim have the Chrome extension installed and enabled and that the attacker can reach the host that has bound the relay to all interfaces. Because no local code execution is needed, the attack vector is remote network access. Although the likelihood is low, the impact could be significant for exposed services, especially if an attacker can brute-force the relay token. The vulnerability is not currently listed in the CISA KEV catalog, but any organization that exposes the relay can inadvertently allow external discovery. Given the moderate CVSS score and low EPSS, patching should be prioritized, though urgent action is not mandatory for every environment.

Generated by OpenCVE AI on April 16, 2026 at 12:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.2.12 or later to remove the wildcard cdpUrl binding flaw.
  • If an immediate upgrade is not feasible, uninstall or disable the Chrome extension to prevent the relay from listening on external interfaces.
  • Apply a local‑only configuration by setting the cdpUrl to an explicit loopback address (e.g., 127.0.0.1) or block the relay port with firewall rules to restrict external access.
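The mechanism described in the analysis above (a wildcard host such as 0.0.0.0 or :: being accepted as if it were loopback, so the configured host flows straight into the listen call) and the recommended fix of pinning the relay to an explicit loopback address can be seen side by side in the following added example. It is illustrative code written for this page, not OpenClaw's relay implementation; the function names (classifyHost, relayBindHostVulnerable, relayBindHostHardened, auditCdpUrl), the sample cdpUrl values and the ws://...:9222 form are assumptions.

```javascript
// Added example, not OpenClaw's code: deciding which address a local relay
// may listen on, given a configured cdpUrl. All names and sample URLs below
// are hypothetical.

const IPV4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

// Classify a URL hostname as 'loopback', 'wildcard' or 'other'.
// Anything not positively recognised is reported as 'other' (fail closed).
function classifyHost(host) {
  let h = String(host).trim().toLowerCase();
  if (h.startsWith('[') && h.endsWith(']')) h = h.slice(1, -1); // URL.hostname keeps IPv6 brackets
  if (h === 'localhost') return 'loopback';
  const m = IPV4.exec(h);
  if (m) {
    const octets = m.slice(1).map(Number);
    if (octets.some((o) => o > 255)) return 'other';
    if (octets.every((o) => o === 0)) return 'wildcard'; // 0.0.0.0 means every interface
    return octets[0] === 127 ? 'loopback' : 'other';     // 127.0.0.0/8 is loopback
  }
  if (h.includes(':')) {
    const mapped = /^::ffff:(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$/.exec(h);
    if (mapped) return classifyHost(mapped[1]);          // IPv4-mapped IPv6 literal
    if (h === '::') return 'wildcard';
    if (h === '::1') return 'loopback';
    return 'other'; // uncompressed or otherwise non-canonical IPv6 forms fail closed
  }
  return 'other';
}

// Flawed check of the kind the advisory describes: wildcard literals are
// accepted as "local", so the wildcard is handed to listen() unchanged.
function relayBindHostVulnerable(cdpUrl) {
  const host = new URL(cdpUrl).hostname.replace(/^\[|\]$/g, '').toLowerCase();
  const looksLocal = ['localhost', '127.0.0.1', '::1', '0.0.0.0', '::'].includes(host);
  if (!looksLocal) throw new Error(`cdpUrl host "${host}" is not local`);
  return host; // '0.0.0.0' or '::' becomes the bind address: all interfaces
}

// Hardened version: only genuine loopback hosts are accepted, and the relay
// always binds to an explicit loopback literal instead of echoing the config.
function relayBindHostHardened(cdpUrl) {
  const host = new URL(cdpUrl).hostname;
  const kind = classifyHost(host);
  if (kind !== 'loopback') {
    throw new Error(`refusing to start relay: cdpUrl host "${host}" is ${kind}, not loopback`);
  }
  return host.includes(':') ? '::1' : '127.0.0.1';
}

// Report both outcomes for one configured cdpUrl.
function auditCdpUrl(cdpUrl) {
  const host = new URL(cdpUrl).hostname;
  const tryBind = (fn) => {
    try { return fn(cdpUrl); } catch (e) { return `rejected (${e.message})`; }
  };
  return {
    host,
    kind: classifyHost(host),
    vulnerableBind: tryBind(relayBindHostVulnerable),
    hardenedBind: tryBind(relayBindHostHardened),
  };
}

// Constructed sample configurations (not real deployments).
const SAMPLE_CDP_URLS = [
  'ws://127.0.0.1:9222', 'ws://localhost:9222', 'ws://[::1]:9222',
  'ws://0.0.0.0:9222', 'ws://[::]:9222', 'ws://10.0.0.5:9222',
];
for (const u of SAMPLE_CDP_URLS) console.log(auditCdpUrl(u));
```

Running the block prints one audit record per sample cdpUrl; the two wildcard entries are the ones where the lenient check returns the wildcard itself as the bind address while the hardened check refuses to start. The hardened function deliberately does not try to canonicalise every IPv6 spelling: a form it cannot recognise is treated as non-loopback and rejected, which is the safe direction for a service that is only meant to be reachable from the same host.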

Advisories

Source: GitHub GHSA
ID: GHSA-qw99-grcx-4pvm
Title: OpenClaw's Chrome extension relay binds publicly due to wildcard treated as loopback
History

Wed, 11 Mar 2026 14:15:00 +0000
  Metrics: ssvc
    Values added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 06 Mar 2026 16:45:00 +0000
  Metrics: cvssV3_1
    Values removed: {'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L'}
    Values added: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L'}

Thu, 05 Mar 2026 22:45:00 +0000
  Metrics: cvssV3_1
    Values removed: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
    Values added: {'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L'}

Thu, 05 Mar 2026 22:15:00 +0000
  Description (values added): OpenClaw version 2026.1.14-1 prior to 2026.2.12 contain an improper network binding vulnerability in the Chrome extension (must be installed and enabled) relay server that treats wildcard hosts as loopback addresses, allowing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUrl is configured. Remote attackers can access relay HTTP endpoints off-host to leak service presence and port information, or conduct denial-of-service and brute-force attacks against the relay token header.
  Title (values added): OpenClaw 2026.1.14-1 < 2026.2.12 - Unintended Public Binding of Chrome Extension Relay via Wildcard cdpUrl
  First time appeared: Openclaw; Openclaw openclaw
  Weaknesses: CWE-1327
  CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
  Vendors & Products: Openclaw; Openclaw openclaw
  References: (none listed)
  Metrics: cvssV3_1
    Values added: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
  Metrics: cvssV4_0
    Values added: {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N'}

MITRE
  Status: PUBLISHED
  Assigner: VulnCheck
  Published:
  Updated: 2026-03-11T13:39:13.542Z
  Reserved: 2026-02-27T15:16:39.140Z
  Link: CVE-2026-28395

Vulnrichment
  Updated: 2026-03-11T13:38:51.627Z

NVD
  Status: Analyzed
  Published: 2026-03-05T22:16:16.173
  Modified: 2026-03-09T20:29:20.913
  Link: CVE-2026-28395

Redhat
  No data.

OpenCVE Enrichment
  Updated: 2026-04-16T12:15:35Z

Weaknesses