Description
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service metadata and responses through the image pipeline.
Published: 2026-03-31
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery (SSRF)
Action: Immediate Patch
AI Analysis

Impact

OpenClaw versions prior to 2026.3.28 contain an SSRF flaw in the fal provider's image-generation component (image-generation-provider.ts). After requesting an image from the fal relay, the component downloads the returned image data without validating the target URL, so whoever controls that URL, in practice a malicious or compromised fal relay, can direct the download at internal network addresses. The response to that request travels back through the same image pipeline, which can leak internal service metadata and other sensitive data or serve as a stepping stone for further attacks. The weakness is classified as CWE-918 (Server-Side Request Forgery): a server-side request whose destination is taken from untrusted input.

Affected Systems

The affected product is OpenClaw, the Node.js application (CPE cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*). Any installation running a version older than 2026.3.28 is vulnerable. No further vendor or product detail is provided.

Risk and Exploitability

The CVSS v4.0 base score of 6.9 indicates medium severity; CVSS v3.1 vectors scoring 5.3 and 8.3 also appear in the record history below. The EPSS probability is below 1% and the vulnerability is not listed in CISA's KEV catalog, so there is no public evidence of exploitation, although the SSVC assessment rates it as Automatable. No credentials are required: the fal relay supplies the URL from which the provider downloads the generated image, so a malicious or compromised relay can point that download at loopback, link-local or private addresses (internal services, including instance-metadata endpoints where the host runs in a cloud environment) and receive the response through the image pipeline. The low EPSS and the absence from KEV do not reduce the impact within an affected deployment.

Generated by OpenCVE AI on March 31, 2026 at 15:21 UTC.

Remediation

No vendor fix or workaround is recorded in this field. The description identifies versions before 2026.3.28 as affected, so 2026.3.28 is the first release without the flaw.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.3.28 or later.
  • If an upgrade is not immediately possible, disable the fal provider image-generation component, or restrict its outbound image downloads to the expected fal hosts and deny loopback, link-local and private address ranges at the egress (network policy or forward proxy), since the download URL comes from the relay and cannot be trusted.
  • Monitor application and egress logs for requests from the fal provider pathway to internal addresses, and investigate any unexpected outbound connection from that component.

Generated by OpenCVE AI on March 31, 2026 at 15:21 UTC.

Advisories
Source: GitHub GHSA
ID: GHSA-qxgf-hmcj-3xw3
Title: OpenClaw affected by SSRF via unguarded image download in fal provider
History

Tue, 31 Mar 2026 18:00:00 +0000

Type: Metrics
Values Removed: cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}
Values Added: cvssV3_1 {'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L'}

Tue, 31 Mar 2026 15:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 31 Mar 2026 14:30:00 +0000

Type: Description
Values Added: OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service metadata and responses through the image pipeline.

Type: Title
Values Added: OpenClaw < 2026.3.28 - Server-Side Request Forgery via Unguarded Image Download in fal Provider

Type: First Time appeared
Values Added: Openclaw; Openclaw openclaw

Type: Weaknesses
Values Added: CWE-918

Type: CPEs
Values Added: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

Type: Vendors & Products
Values Added: Openclaw; Openclaw openclaw

Type: References
Values Added: (no values recorded)

Type: Metrics
Values Added: cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}
Values Added: cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-31T17:44:09.731Z

Reserved: 2026-03-30T13:51:47.549Z

Link: CVE-2026-34504

Vulnrichment

Updated: 2026-03-31T14:22:25.780Z

NVD

Status: Analyzed

Published: 2026-03-31T15:16:19.687

Modified: 2026-04-02T12:20:31.950

Link: CVE-2026-34504

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-31T20:38:22Z

Weaknesses