CVE-2026-62197
OpenClaw · OpenClaw
OpenClaw is susceptible to a Server-Side Request Forgery (SSRF) vulnerability that allows authenticated users to bypass security policies via CDP discovery.
Executive summary
A Server-Side Request Forgery (SSRF) vulnerability in OpenClaw allows authenticated users to bypass security policies, potentially leading to unauthorized internal network interactions.
Vulnerability
This is a Server-Side Request Forgery (SSRF) vulnerability (CWE-918) that occurs during CDP discovery. The vulnerability requires the attacker to have low-level privileges (authenticated access) to trigger the flaw.
Business impact
SSRF vulnerabilities can allow an attacker to make requests to internal services that are not typically accessible from the outside, potentially leading to information disclosure or unauthorized actions within the internal network. With a CVSS score of 8.5, this high-severity vulnerability could be leveraged to gain further access into the infrastructure, undermining the security posture of the host environment.
Remediation
Immediate Action: Upgrade OpenClaw to version 2026.6.6 or later to remediate the SSRF vulnerability.
Proactive Monitoring: Monitor internal network traffic originating from the server hosting OpenClaw for unusual outbound requests, especially those targeting internal-only infrastructure or services.
Compensating Controls: Implement strict egress filtering on the server to prevent it from making unauthorized requests to sensitive internal network segments.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Given the potential for SSRF to be used as a pivot point for further internal network attacks, administrators should prioritize updating to the patched version, 2026.6.6. Ensure that the update is tested in a staging environment before deployment to production systems.