OpenClaw Vulnerability Allows One-Click Remote Code Execution via Malicious Link
A critical security vulnerability has been identified in OpenClaw, an open-source autonomous artificial intelligence personal assistant. This flaw allows for one-click remote code execution via malicious links, posing significant risks to users.
Details of the OpenClaw Vulnerability
The vulnerability has been assigned the identifier CVE-2026-25253 and carries a CVSS score of 8.8, placing it in the high-severity category. Disclosed recently, it was officially patched in version 2026.1.29 of OpenClaw, released on January 30, 2026.
Peter Steinberger, the creator and maintainer of OpenClaw, explained that the flaw stems from missing validation of the gateway URL received through the query string. Because the Control UI auto-connects to that URL on page load, it sends the stored gateway token to whatever server the URL names, including a server controlled by an attacker.
How the Exploit Works
The vulnerability allows a one-click remote code execution (RCE) attack. Mav Levin, the security researcher who discovered the flaw, noted that simply visiting a malicious web page can trigger a cross-site WebSocket hijacking attack: the server does not validate the Origin header, so it accepts WebSocket connections from any site.
Once a user clicks the malicious link, JavaScript served by the attacker's page runs in the user's browser. That script retrieves the stored authentication token, opens a WebSocket connection to the gateway and, bypassing the intended authentication checks, logs in to the victim's OpenClaw instance.
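The two missing checks described above, written as an added example from the defender's side; this is not OpenClaw's own code, and the hosts, ports and the `gateway` query parameter name are assumptions for illustration.

```javascript
// Added example, not OpenClaw's own code: the two checks whose absence the
// article describes. resolveGatewayUrl keeps the Control UI from auto-connecting
// (and sending its stored token) to an arbitrary gateway URL taken from the
// query string; isAllowedOrigin makes the server reject WebSocket upgrades from
// origins the operator has not allowed, which defeats cross-site WebSocket
// hijacking. Hosts, ports and the parameter name are assumed for illustration.

const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Decide which gateway the page may connect to. Anything that is not the page's
// own host or an allowed loopback host is ignored in favour of the safe default.
function resolveGatewayUrl(queryString, pageOrigin, allowedHosts = LOOPBACK_HOSTS) {
  const page = new URL(pageOrigin);
  const scheme = page.protocol === "https:" ? "wss:" : "ws:";
  const fallback = { url: `${scheme}//${page.host}/`, reason: "default" };
  const candidate = new URLSearchParams(queryString).get("gateway");
  if (candidate === null) return fallback;
  let parsed;
  try {
    parsed = new URL(candidate);
  } catch {
    return { ...fallback, reason: "unparseable" };
  }
  if (parsed.protocol !== "ws:" && parsed.protocol !== "wss:") {
    return { ...fallback, reason: "bad-scheme" };
  }
  if (parsed.hostname !== page.hostname && !allowedHosts.has(parsed.hostname)) {
    // The lure from the article: a foreign host in the link. Never connect, so
    // the stored token is never sent to it.
    return { ...fallback, reason: "untrusted-host" };
  }
  return { url: parsed.href, reason: "allowed" };
}

// Server side: the Origin of a WebSocket upgrade must match an allowed origin
// exactly (scheme://host:port). Browsers always send Origin on upgrades, so a
// missing or malformed header is rejected too.
function isAllowedOrigin(originHeader, allowedOrigins) {
  if (typeof originHeader !== "string") return false;
  try {
    return allowedOrigins.has(new URL(originHeader).origin);
  } catch {
    return false;
  }
}

// Constructed sample inputs for a stand-alone run.
const PAGE = "http://127.0.0.1:8080";
console.log(resolveGatewayUrl("?gateway=ws://attacker.example/", PAGE).reason); // untrusted-host
console.log(isAllowedOrigin("http://attacker.example", new Set([PAGE]))); // false
```

Note that the Origin check on its own does not help a page that has already been tricked into connecting elsewhere, and the URL check on its own does not stop a foreign page from opening a WebSocket to a loopback gateway; both are needed.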
Impact of the Vulnerability
Attackers exploiting this vulnerability gain operator-level access to the OpenClaw gateway API. This access permits them to modify configurations and run arbitrary commands on the victim’s device.
- Flaw Identifier: CVE-2026-25253
- CVSS Score: 8.8
- Patch Release Date: January 30, 2026
- First Release of OpenClaw: November 2025
Steinberger emphasized that this vulnerability affects instances where users have authenticated to the Control UI, even if the gateway is configured to listen only on loopback addresses. The browser’s outbound connection creates a bridge, allowing the attack to succeed.
Recommendations for Users
Users of OpenClaw are encouraged to update to the latest version immediately to mitigate risks associated with this vulnerability. By maintaining the most current software, they can protect their personal data and devices from potential exploitation.