CVE-2026-62197

OpenClaw · OpenClaw

OpenClaw is susceptible to a Server-Side Request Forgery (SSRF) vulnerability that allows authenticated users to bypass security policies via CDP discovery.

Executive summary

A Server-Side Request Forgery (SSRF) vulnerability in OpenClaw allows authenticated users to bypass security policies, potentially leading to unauthorized internal network interactions.

Vulnerability

This is a Server-Side Request Forgery (SSRF) vulnerability (CWE-918) that occurs during CDP discovery. The vulnerability requires the attacker to have low-level privileges (authenticated access) to trigger the flaw.

Business impact

SSRF vulnerabilities can allow an attacker to make requests to internal services that are not typically accessible from the outside, potentially leading to information disclosure or unauthorized actions within the internal network. With a CVSS score of 8.5, this high-severity vulnerability could be leveraged to gain further access into the infrastructure, undermining the security posture of the host environment.

Remediation

Immediate Action: Upgrade OpenClaw to version 2026.6.6 or later to remediate the SSRF vulnerability.

Proactive Monitoring: Monitor internal network traffic originating from the server hosting OpenClaw for unusual outbound requests, especially those targeting internal-only infrastructure or services.

Compensating Controls: Implement strict egress filtering on the server to prevent it from making unauthorized requests to sensitive internal network segments.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the potential for SSRF to be used as a pivot point for further internal network attacks, administrators should prioritize updating to the patched version, 2026.6.6. Ensure that the update is tested in a staging environment before deployment to production systems.