CVE-2026-25253
Unauthorized WebSocket Connection in OpenClaw Exposes Token Leakage
Publication date: 2026-02-01
Last updated on: 2026-02-13
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | up to 2026.1.29 (exclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-669 | The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in OpenClaw (CVE-2026-25253) leads to unauthorized exposure of sensitive authentication tokens, enabling attackers to gain operator-level access to the victim's local gateway API. This results in a full compromise of confidentiality, integrity, and availability of the system.
Such unauthorized access and data exposure can lead to violations of common compliance standards and regulations like GDPR and HIPAA, which mandate strict protection of personal and sensitive data. The leakage of authentication tokens and potential for remote code execution could result in unauthorized data access, modification, or disruption, thereby breaching these regulatory requirements.
Therefore, organizations using affected versions of OpenClaw may face compliance risks if this vulnerability is exploited, emphasizing the importance of applying the patch that requires user confirmation before connecting to new gateway URLs. [2, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for unexpected WebSocket connections initiated by the OpenClaw Control UI that use a gatewayUrl parameter from query strings without user confirmation.
Since the vulnerability causes the client to automatically connect to a WebSocket server specified by the gatewayUrl parameter and send an authentication token, network detection can focus on identifying outbound WebSocket connections to unknown or suspicious servers, especially those not part of the normal OpenClaw gateway.
There are no specific commands provided in the available resources to detect this vulnerability directly.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to update OpenClaw to version 2026.1.29 or later, where the vulnerability has been patched by requiring user confirmation before connecting to any new gatewayUrl.
Until the update is applied, users should avoid clicking on untrusted links or visiting suspicious websites that might exploit the gatewayUrl parameter to trigger the vulnerability.
Additionally, monitoring and restricting outbound WebSocket connections from the OpenClaw client to unknown servers can help reduce risk.
Can you explain this vulnerability to me?
This vulnerability in OpenClaw (also known as clawdbot or Moltbot) before version 2026.1.29 involves the software automatically obtaining a gatewayUrl value from a query string and making a WebSocket connection without user prompting, sending a token value in the process. This behavior can lead to unauthorized use of the token and potential exploitation.
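The flow described above (a gatewayUrl taken from the query string, an automatic WebSocket connection, and the token sent along) and the fix described under mitigation (user confirmation before a new gateway is used) can be modelled side by side. The following is an added illustration written for this page, not OpenClaw's own code: the default gateway origin, the `confirmedOrigins` store, the function names and the sample query strings are all assumptions, and the WebSocket is replaced by an injected `openSocket` stub so the example runs offline.

```javascript
// Added example (not OpenClaw's code). Models the vulnerable pattern behind
// CVE-2026-25253 next to a hardened version that requires user confirmation
// before a gateway origin taken from the query string receives the token.
// DEFAULT_GATEWAY and all function names are assumptions for this example.

const DEFAULT_GATEWAY = 'ws://localhost:8000'; // hypothetical local default

// Read ?gatewayUrl=... from a location.search-style string; null if absent.
function readGatewayUrl(search) {
  return new URLSearchParams(search).get('gatewayUrl');
}

// Decide what to do with a candidate gateway URL.
// Returns { action: 'connect' | 'prompt' | 'reject', origin, reason }.
function evaluateGatewayUrl(rawUrl, confirmedOrigins) {
  let parsed;
  try {
    parsed = new URL(rawUrl);
  } catch {
    return { action: 'reject', origin: null, reason: 'unparseable URL' };
  }
  // Only WebSocket schemes are acceptable for a gateway.
  if (parsed.protocol !== 'ws:' && parsed.protocol !== 'wss:') {
    return { action: 'reject', origin: null, reason: `unsupported scheme ${parsed.protocol}` };
  }
  // Compare on origin (scheme + host + port), not the full URL, so a path
  // change on an already confirmed gateway does not re-prompt.
  const origin = `${parsed.protocol}//${parsed.host}`;
  if (confirmedOrigins.has(origin)) {
    return { action: 'connect', origin, reason: 'origin previously confirmed' };
  }
  return { action: 'prompt', origin, reason: 'new gateway origin requires user confirmation' };
}

// Vulnerable pattern (for contrast): whatever the query string says is used
// directly, and the token is sent to that server with no user involvement.
function vulnerableConnect(search, token, openSocket) {
  const url = readGatewayUrl(search) || DEFAULT_GATEWAY;
  const socket = openSocket(url);
  socket.send(JSON.stringify({ type: 'auth', token }));
  return url; // where the token went
}

// Hardened pattern: an unknown origin goes through `confirm` (window.confirm
// in a browser); a declined or rejected URL falls back to the default
// gateway, so the token never reaches an unconfirmed server.
function hardenedConnect(search, token, openSocket, confirm, confirmedOrigins) {
  const candidate = readGatewayUrl(search);
  let target = DEFAULT_GATEWAY;
  if (candidate !== null) {
    const verdict = evaluateGatewayUrl(candidate, confirmedOrigins);
    if (verdict.action === 'connect') {
      target = candidate;
    } else if (verdict.action === 'prompt' && confirm(`Connect to gateway ${verdict.origin}?`)) {
      confirmedOrigins.add(verdict.origin); // remember the user's decision
      target = candidate;
    }
  }
  const socket = openSocket(target);
  socket.send(JSON.stringify({ type: 'auth', token }));
  return target; // where the token went
}

// Constructed stand-in for WebSocket: records where each message would go.
function makeRecorder() {
  const sent = [];
  const openSocket = (url) => ({ send: (msg) => sent.push({ url, msg }) });
  return { openSocket, sent };
}

// Stand-alone demo with a constructed query string naming a third-party origin.
const demoSearch = '?gatewayUrl=wss://untrusted.example/ws';
const demoConfirmed = new Set([DEFAULT_GATEWAY]);
const demoVuln = makeRecorder();
const demoHard = makeRecorder();
console.log('vulnerable sent token to:', vulnerableConnect(demoSearch, 'demo-token', demoVuln.openSocket));
console.log('hardened (user declined) sent token to:',
  hardenedConnect(demoSearch, 'demo-token', demoHard.openSocket, () => false, demoConfirmed));
```

The decisive difference is that `hardenedConnect` never lets a value supplied by the page URL choose the token's destination on its own: an origin is either already in the confirmed set or the user is asked, and anything that is not a `ws:`/`wss:` URL is rejected outright. For network-side detection, the same origin comparison (expected gateway origin versus the origin actually connected to) is what an outbound WebSocket monitor would check.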
How can this vulnerability impact me?
The vulnerability can lead to unauthorized access and control because the token is sent automatically over a WebSocket connection without user consent. This can result in high impact on confidentiality, integrity, and availability of the system, potentially allowing attackers to compromise data or disrupt services.