Executive Summary

CVE-2026-22174 is a vulnerability in OpenClaw versions prior to 2026.2.22 where the software injects the x-OpenClaw-relay-token header containing the Gateway authentication token into Chrome DevTools Protocol (CDP) probe traffic sent over loopback interfaces.

This allows local processes that can access loopback ports to intercept these CDP reachability probes, specifically those targeting the /json/version endpoint, and capture the Gateway bearer token.

An attacker who controls or races to bind a loopback port can then reuse the leaked token to authenticate as the Gateway, potentially gaining unauthorized access.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to local credential disclosure where an attacker with access to the same machine can intercept and steal the Gateway authentication token.

By reusing the stolen token, the attacker can authenticate as the Gateway, potentially gaining unauthorized access to the system or services protected by OpenClaw.

The attack requires local access and the ability to control or race to bind a loopback port, making the attack complexity high.

The impact is mainly on confidentiality (high), with some integrity impact (low), but no impact on availability.

This risk primarily affects environments where multiple users or untrusted processes share the same host or user environment; standard single-owner installs are less impacted.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'Detection of this vulnerability involves monitoring loopback interface traffic for the presence of the x-OpenClaw-relay-token header in Chrome DevTools Protocol (CDP) probe requests, especially those targeting the /json/version endpoint.'}, {'type': 'paragraph', 'content': 'One approach is to capture and inspect local loopback traffic to identify if any process is injecting or leaking the Gateway authentication token via this header.'}, {'type': 'list_item', 'content': 'Use packet capture tools like tcpdump or Wireshark to monitor loopback interface traffic for HTTP requests containing the x-OpenClaw-relay-token header.'}, {'type': 'list_item', 'content': "Example tcpdump command to capture HTTP traffic on loopback interface (lo): sudo tcpdump -i lo -A -s 0 'tcp port 9222 or tcp port 9223' | grep x-OpenClaw-relay-token"}, {'type': 'list_item', 'content': 'Alternatively, use curl or similar tools to probe the /json/version endpoint on local relay ports and check if the x-OpenClaw-relay-token header is present in requests or responses.'}, {'type': 'paragraph', 'content': 'Note that the vulnerability requires local access and the ability to intercept or race loopback ports, so detection focuses on local traffic inspection and process monitoring.'}] [1, 3]

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade OpenClaw to version 2026.2.22 or later, where the vulnerability has been fixed.

The fix involves hardening the authentication token flow by deriving port-scoped relay tokens using HMAC-SHA256, enforcing strict token validation on loopback relay servers, and preventing unauthorized reuse of the Gateway token.

• Update OpenClaw to version 2026.2.22 or newer.
• Restrict local access to loopback ports used by OpenClaw relay servers to trusted processes only.
• Monitor and audit local processes to prevent untrusted users or processes from binding to or intercepting loopback relay ports.

These steps reduce the risk of an attacker capturing and reusing the Gateway authentication token via the Chrome DevTools Protocol probe traffic.

Useful 0 Not Useful 0